Recognize Phishing


Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.


The IT Solutions uses a variety of tools to minimize spam/phishing emails to university email accounts, but some spam will continue to make it into our university email inboxes.

These spamming attacks generally aim at one of two things: gaining access to a person’s account and/or getting money (or access to financial accounts to get money). Due to the use of random senders and the commonplace text in the emails, IT Solutions is unable to prevent them all without blocking legitimate email.

Watch out for typical beginning-of-the-year scams

  • Emails supposedly containing “important information about your TWU account,” or a “problem with your registration”
  • Scams specifically designed to cheat students out of money, such as scholarship scams, fake “tuition payment processors”, textbook rental or book-buying scams, housing scams, tutoring scams, and work-from-home scams
  • “Tech support” scams where you get a call supposedly from “the Service Desk” or even “Microsoft” or “Apple” telling you there’s a problem with your computer
  • IRS impersonators demanding that students or their parents wire money immediately to pay a fake "federal student tax"
  • Messages with links to fake login pages
  • Messages asking for your login information, no matter how legitimate they may look. No one other than you needs to know your passwords
  • Fake friend requests on social media
  • Fake Google Drive notices

How to stay safe

The best way to avoid scams is to approach all unexpected messages, offers, and phone calls with a healthy skepticism. Helpful habits include:

1. Always think twice before clicking on links or opening attachments, even if they look like they're from someone you know. If you’re not sure, contact the sender by a method you know is legitimate to confirm they sent it. Misspelled words and or unusual email addresses are common signs of phishing. 

Tip: Hover over hyperlinks in emails to verify they are going to the anticipated site.

2. Verify requests for private information. Remember, con artists know how to fake their identity. Check the email sender name against the sender’s email address. Do not provide personal or organizational information unless you are certain of the requestor’s authority, identity, and legitimacy.

3. Protect your passwords. Make them long and strong, never reveal them to anyone, and use different passwords for different accounts. Also use multi-factor authentication (MFA) where possible.

4. Scan for viruses and install updates. Regularly scan your personal computer for viruses and spyware and keep all of your devices updated with the latest OS updates. 

The Federal Trade Commission has published a list of online security recommendations that might be helpful.

Test Your Knowledge!

Take the Google Phishing Quiz

Think You’ve Been Compromised?

If you accidentally clicked on a link that you believe to be fraudulent, reset your password immediately.

If you believe your computer or your system has fallen victim to a cyberattack, contact the Technology Service Desk at 940-898-3971 or



Article ID: 86025
Fri 8/30/19 4:49 PM
Mon 8/15/22 12:57 PM

Related Articles

Related Articles (2)

Use Proof Point Blocked Senders list to block SPAM or any malicious e-mail messages from that sender.

Related Services / Offerings

Related Services / Offerings (1)

Proofpoint has been a leader in effective blocking of email-borne threats for over a decade.