Phishing and Suspicious Email

Owned by Aaron Schanz (Deactivated)
Last updated: Oct 25, 2024 by Andrew McClurg
3 min read

About is Phishing

Criminals use malicious email and websites to try to trick you into revealing your password or other sensitive information or to infect your computer with malware. Phishing email often uses urgent language, asks for personal information, and has grammatical, typographical, or other obvious errors.

Got Phished! Now What?

If you've interacted with (entered username/password) or gave personal information in response to a phishing email or on a suspicious webpage, your account may be compromised. Follow the instructions on our Got Phished! Now what?

On This Page


How to Spot Phishes

If you receive an email, be sure to consider the following:

  • Does the URL look right? 
    • On your smartphone or tablet, press the link and hold down until a dialog box appears containing the URL.
    • On your computer, hover over the link with your mouse. The URL will usually appear in the lower left corner of your window.
  • Does the login screen look right? Do not enter your NetID password unless you are sure it is safe.
  • Are you expecting the document or link? Be suspicious of unexpected emails sharing documents and links you are not expecting. If you are not sure, contact the sender (preferably via text message, phone, or an alternative email address) and ask if they shared a document with you.
  • Do you know the person sharing it? Consider the message suspicious if you do not know the person the message is from. Be aware, though, that phishers often use compromised accounts to send their messages, and they can also forge the sending address. If you feel at all unsure, call the person and ask if they shared a document or link with you.
  • Can you tell what the document is? Is it clear to you from the document title and message what the document is and why it is being shared with you? Phishers often send vague messages that just say a document has been shared with you. They rely on your curiosity. Do not open suspicious shared documents just to see what they are.
  • Beware of flattery. Customized emails complimenting their research and asking them to look at a shared document or link related to it. If it looks suspicious, do not log in.

Phishing resources you can use

Report Phishing Emails

Reporting Phishing and Suspicious Email in Microsoft Outlook

If you need more information or assistance with verifying any email messages, please do not hesitate to contact your local IT support team. You can also contact the ITS Security Department at infosec@syr.edu or the ITS Service Center  at 315.443.2677 and help@syr.edu.



Some content of this page may have been derived with permission from Safe Computing at University of Michigan