Skip to main content
Register for Spring Semester

Phishing

What is "phishing" and how can I
identify a phishing attempt?



Article highlights 

  • Columbus State Community College will never ask for your
    user name and password

  • "Phishing" is the activity of defrauding an online account holder of personal information by posing as a legitimate company

  • CSCC policy 15-01 (F) (2) prohibits the sharing of CSCC user name and passwords

  • Unauthorized access impacts the confidentiality, integrity, and availability of vital college systems

  • Simply delete the phishing email and encourage your colleagues to do the same


 

"Phishing" is the activity of defrauding an online account holder of personal information by posing as a legitimate company. They send out e-mails which appear to come from legitimate websites such as eBay, PayPal, banking institutions, or even Columbus State Community College. The e-mails state your information needs updating or validation and asks that you enter your username and password (and possibly additional personal information) after clicking a link included in the e-mail. These fraudulent e-mails often look legitimate as do the web pages you are taken to in order to provide/validate your personal information.



Here is an example of a recent external phishing attempt targeting Columbus State:

 

External Phishing Attempt
Click to Enlarge

 

Here is an example of a recent phishing attempt from a legitimate but compromised CSCC email account

 

Internal Phishing Attempt

 Click to Enlarge

 

Phishing email characteristics

• Phishing emails may request your username and password be sent back in a reply
  email
• Phishing emails may show the sender on behalf of someone
• Phishing emails may contain fuzzy logo symbols which are not genuine
• Phishing emails may not contain email signatures or any contact information
• Phishing emails generally use bad grammar and unwanted capitalization
• Phishing emails generally require you to take quick action, such as verifying your
  account to prevent it from being deactivated

 

As outlined in CSCC policy 15-01 (F) (2), "Accounts and passwords may not, under any circumstances, be shared with, or used by, persons other than those to whom they have been assigned by the college." Providing login credentials allows for unauthorized access to vital college systems such as the college's computing network, Colleague, CougarWeb, Blackboard, and email. Unauthorized access impacts the confidentiality, integrity, and availability of these systems.

Columbus State Community College will never ask for your user name and password nor give you an ultimatum where you either provide your user name and password or risk losing access to your network account and/or web mail. If you receive a request for your information, do not respond. Simply delete the email and encourage your colleagues to do the same.