How to Deal with Fake Email

Why am I getting this email?

Phishing (pronounced: fishing) is an attack that attempts to steal your money, or your identity, by getting you to reveal personal information -- such as credit card numbers, bank information, or passwords -- through email/SMS communication or websites that pretend to be legitimate. Cybercriminals typically pretend to be reputable companies, friends, or acquaintances in a fake message, which contains a link to a phishing website.

"Spear phishing” is a type of phishing campaign that targets a specific person or group and often will include information known to be of interest to the target, such as current events or financial documents. It often uses real people's names from SVC, but asks for the recipient to contact them via non SVC emails.

How to spot a fake email:

Here are some ways to recognize a phishing email:

• Urgent call to action or threats - Be suspicious of emails and Teams messages that claim you must click, call, or open an attachment immediately. Often, they'll claim you have to act now to claim a reward or avoid a penalty. Creating a false sense of urgency is a common trick of phishing attacks and scams. They do that so that you won't think about it too much or consult with a trusted advisor who may warn you.

  Tip: Whenever you see a message calling for immediate action take a moment, pause, and look carefully at the message. Are you sure it's real? Slow down and be safe.

• First time, infrequent senders, or senders marked [External] - While it's not unusual to receive an email or Teams message from someone for the first time, especially if they are outside your organization, this can be a sign of phishing. Slow down and take extra care at these times. When you get an email or a Teams message from somebody you don't recognize, or that Outlook or Teams identifies as a new sender, take a moment to examine it extra carefully using some of the measures below. This is especially important if the sender claims to be from SVC but uses a gmail, hotmail, outlook.com or other non SVC email.  

• Spelling and bad grammar - Professional companies and organizations usually have an editorial and writing staff to make sure customers get high-quality, professional content. If an email message has obvious spelling or grammatical errors, it might be a scam. These errors are sometimes the result of awkward translation from a foreign language, and sometimes they're deliberate in an attempt to evade filters that try to block these attacks.

• Generic greetings - An organization that works with you should know your name and these days it's easy to personalize an email. If the email starts with a generic "Dear sir or madam" or " Dear Skagit Valley College Faculty, Staff, and Students" that's a warning sign that it might not really be who they claim. 

• Mismatched email domains - If the email claims to be from a reputable company, like Microsoft or your bank or SVC, but the email is being sent from another email domain like Gmail.com, or microsoftsupport.ru this is called spoofing,  and it's probably a scam. Also be watchful for very subtle misspellings of the legitimate domain name. Like micros0ft.com where the second "o" has been replaced by a 0, or rnicrosoft.com, where the "m" has been replaced by an "r" and a "n". These are common tricks of scammers.  Another common trick is to ask you to contact them through another means instead of replying to the email, or to contact a 3rd party through yet another email account or SMS number.  SVC staff will never ask you to contact them for legitimate business through emails that are not @skagit.edu

What to do if you suspect an email is fake?

If you see any of these signs, there's a significant chance you're being phished.  If you are unsure whether an email request is legitimate, try to verify it without using the links in email:

• Never click any links or attachments in suspicious emails.  If you receive a suspicious message from an organization and worry the message could be legitimate, go to your web browser and open a new tab. Then go to the organization's website from your own saved favorite, or via a web search. Talk to them using official numbers or emails from their site. Call the organization using a phone number listed on the back of a membership card, printed on a bill or statement, or that you find on the organization's official website.
• If the suspicious message appears to come from a person you know, contact the company or person by another means – using information from another source (an account statement, the company’s official website, or the phone directory).
• Report the message via Outlook (skagit.edu emails) or gmail (mysvc.skagit.edu) - This should delete the email from your mailbox.
  • Microsoft 365 Outlook - With the suspicious message selected, choose Report message from the ribbon, and then select Phishing. This is the fastest way to report it and remove the message from your Inbox, and it will help us improve our filters so that you see fewer of these messages in the future.
    • Note: If you're using an email client other than Outlook, start a new email to phish@office365.microsoft.com and include the phishing email as an attachment. Please don't forward the suspicious email; they need to receive it as an attachment so we can examine the headers on the message. 
  • Gmail - Open the message. Next to Reply (the arrow pointing left), click More (three vertical dots).  Click Report phishing.

When should I contact the helpdesk or others?

We continue to get fake emails and they continue to get more and more tricky. 

• If you are unsure if an email is fake, and cannot contact the sender, contact the Helpdesk (it.helpdesk@skagit.edu or call 416-7766).
• If you followed up with the sender of an email you realized was fake after the fact, meaning you clicked on a link or gave away personal information before you realized the email was illegitimate, contact the Helpdesk ASAP. 
• If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.

Other resources to learn how to spot fake emails:

Test yourself with this quiz: •  Visit https://www.opendns.com/phishing-quiz/

Or this one: https://phishingquiz.withgoogle.com

Five ways to spot a phishing email: •   https://staysafeonline.org/blog/5-ways-spot-phishing-emails/