Dear Campus Community:
We have received a number of inquiries regarding the message below (the link has been changed to protect those who might be curious and click on it).
This message is a phishing scam. Such scams are becoming very common because many people fall for them and disclose their credentials, essentially giving a stranger the key to their online identity.
With a little detective work, you can smell a “phish” a mile away. Here are some tips using the above example.
1. In general, it is very odd for any institution, business, etc. to send an email asking you to “click on a link” to confirm your username and password. That has “sketchy” written all over it.
2. Even though this message came from a Bucknell account, it was not from someone in Library and IT. (It actually came from a Bucknell account that was compromised.) We will ALWAYS send emails signed by a Library and IT staff person.
3. Look for terms and grammar that appear to be a bit “off.” For example, we use terms like “Bmail,” not “Webmail.” Who is the Bucknell Univeristy Mail Service Team, and why is “University” spelled wrong? There are all kinds of mixed case words used (“Webmail account Certificate”) and awkward sentences (“Please take a second to update your records by link below or copy and paste link’ Do remember that your EMAIL PIN mean your EMAIL PASSWORD.”).
4. Do you even understand what the email is talking about? What does interrupting your email delivery configuration mean? What is a Webmail account Certificate, and what does it do? Why have you never received a notice like this before, and why does the first notice require immediate action?
5. Why would Bucknell University send you to a website with a URL like this?
That doesn’t seem like a legitimate Bucknell website, especially not one where I should disclose my username and password.
Finally, since many of us receive a large volume of email, we tend to “skim” messages for highlights. “Phishermen” count on our carelessness. You can easily overlook suspicious messages when skimming.
This won’t be the last phishing email you receive, but hopefully this one serves as a good learning opportunity when trying to discern a message’s credibility in the future. Of course, as many of you have done already, if you have any doubt about the legitimacy of an email message, please feel free to contact Tech Support at email@example.com or by calling 570.577.7777.