Phishing Guidance

What is Phishing?

More than 90% of cyber attacks begin with phishing according to the Cybersecurity and Infrastructure Security Agency (CISA). Anyone can be a victim.

Phishing is an attempt to steal information by pretending to be someone you know and trust. The attacker is after your information (a password or credit card number), or is trying to install malicious software such as ransomware, remote access trojans (RATs), or viruses to gain access to your organization's network.

Always check the sender's address and hover over links before clicking. Never send sensitive personal information in an email (e.g., passwords, social security numbers, credit card numbers). And most importantly, SLOW DOWN and consider if the email makes sense.

Here are some common phishing techniques:

  • Spear Phishing: Email phishing that targets specific individuals or job titles. Attackers research the target to make the message more personal and increase the chance of success.
  • Smishing: Phishing conducted via text message. A smishing text, for example, entices the victim into revealing personal information through a link that leads to a phishing website.
  • Vishing: Phishing conducted by phone. The attacker calls the target, or asks the target to call a number, in order to obtain personal information over the phone. Vishing calls usually show a spoofed caller ID.
  • Quishing: A phishing attack that tricks the user into scanning a QR code that redirects to a malicious website or download.

There is no single red flag that guarantees an email is phishing or legitimate. For example, not every email from an external sender is bad, nor is every email from an internal address good. But in general, here are some signs that should tell you to slow down and consider things more closely:


Suspicious Sender

  • Sender is not someone you know
  • Sender's email address has,
    • spelling errors (Goggle.com)
    • added/changed characters (Micros0ft.com)
    • suspicious domain name (@vanderbilt.edu.gmail.com)

Message Content

  • Greeting or closing is generic or missing, such as "Dear Sir or Madam"
  • Subject does not match the message content
  • It is a reply to a message that you did not send
  • Message requests,
    • immediate action (reply ASAP)
    • submission of personal information, or asks you to update your account
  • Message includes frequent spelling, grammar, or punctuation errors

Suspicious Links and Attachments

  • URL,
    • leads to a site that is different from what is advertised
    • has an unfamiliar top-level domain (.ie, .ml, .ne, .ru)
  • Attachment has an unexpected file type extension (.html, .exe, .vbs, .scr, .cmd, .js)
  • Link or attachment names include misspellings or added/changed characters
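The sender and link checks above can be written down as simple heuristics. The following Python is an added example and is not part of the Office of Cybersecurity's guidance: the trusted-domain allow-list, the homoglyph table, the sample message and all function names are assumptions made for the illustration. It flags a trusted name hidden as a subdomain (vanderbilt.edu.gmail.com), typo and digit-swap lookalikes (Goggle.com, Micros0ft.com), a link whose visible text names a different site than its target, and attachments with a scripting or executable extension, including the double-extension disguise (invoice.pdf.exe).

```python
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed allow-list of domains the organization trusts (constructed for this example).
TRUSTED_DOMAINS = {"vanderbilt.edu", "google.com", "microsoft.com"}
# Attachment types the guidance lists as unexpected.
RISKY_EXTENSIONS = {"html", "exe", "vbs", "scr", "cmd", "js"}
# Harmless-looking document types attackers place in front of the real extension.
DOCUMENT_EXTENSIONS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png"}
# Digit-for-letter swaps used in lookalike names such as Micros0ft or PayPa1 (assumed table).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def registrable_domain(host: str) -> str:
    """Last two labels of a hostname: 'vanderbilt.edu.gmail.com' -> 'gmail.com'.
    Simplified; production code should use the Public Suffix List (example.co.uk)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, enough to catch one-character typos (goggle vs google)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(host: str):
    """Trusted domain that `host` imitates by a typo or homoglyph swap, else None."""
    base = registrable_domain(host)
    if base in TRUSTED_DOMAINS:
        return None
    name = base.split(".")[0].translate(HOMOGLYPHS)
    for trusted in TRUSTED_DOMAINS:
        if edit_distance(name, trusted.split(".")[0]) <= 1:
            return trusted
    return None


def check_sender(from_header: str) -> list:
    """Red flags in a From: header. An external sender is reported as a check,
    not a verdict, because the guidance says external mail is not bad by itself."""
    _display, addr = parseaddr(from_header)
    if "@" not in addr:
        return ["sender has no usable address"]
    host = addr.rsplit("@", 1)[1].lower()
    base = registrable_domain(host)
    # Trusted name used as a subdomain of an unrelated registrable domain.
    spoofed = [t for t in TRUSTED_DOMAINS if base != t and f".{t}." in f".{host}."]
    if spoofed:
        return [f"{spoofed[0]} appears as a subdomain of {base}, which is not the real owner"]
    imitated = lookalike_of(host)
    if imitated:
        return [f"sender domain {base} looks like {imitated}"]
    if base not in TRUSTED_DOMAINS:
        return [f"sender domain {base} is external (check, not a verdict)"]
    return []


def check_link(anchor_text: str, href: str) -> list:
    """Red flags in a hyperlink: visible text names one site but the target is
    another, or the target domain is a lookalike of a trusted one."""
    target = urlparse(href if "://" in href else "http://" + href).hostname or ""
    flags = []
    shown = re.search(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", anchor_text.lower())
    if shown and registrable_domain(shown.group(0)) != registrable_domain(target):
        flags.append(f"text shows {shown.group(0)} but the link goes to {target}")
    imitated = lookalike_of(target)
    if imitated:
        flags.append(f"link domain {target} looks like {imitated}")
    return flags


def check_attachment(filename: str) -> list:
    """Red flags in an attachment name: a script/executable type, or a document
    extension used as a disguise in front of the real one (invoice.pdf.exe)."""
    parts = filename.lower().split(".")
    flags = []
    if len(parts) > 1 and parts[-1] in RISKY_EXTENSIONS:
        flags.append(f"{filename}: unexpected file type .{parts[-1]}")
    if len(parts) > 2 and parts[-2] in DOCUMENT_EXTENSIONS:
        flags.append(f"{filename}: double extension hides a .{parts[-1]} file behind .{parts[-2]}")
    return flags


# Constructed sample message for the demo; not taken from any real email.
SAMPLE_MESSAGE = {
    "from": "IT Help Desk <it-help@vanderbilt.edu.gmail.com>",
    "links": [("https://vanderbilt.edu/login", "http://vanderbilt.edu.gmail.com/login")],
    "attachments": ["Password_Policy.pdf.exe"],
}


def triage(message: dict) -> list:
    """Run every check over one message and return all red flags found."""
    flags = check_sender(message["from"])
    for text, href in message["links"]:
        flags += check_link(text, href)
    for name in message["attachments"]:
        flags += check_attachment(name)
    return flags


if __name__ == "__main__":
    for flag in triage(SAMPLE_MESSAGE):
        print("-", flag)
```

These checks are meant for awareness and quick triage, not as a replacement for mail-gateway controls; the two-label shortcut in registrable_domain will misjudge names under suffixes such as .co.uk, and a one-character edit distance will also match some legitimate domains, so treat every flag as a reason to slow down rather than a verdict.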

Common Attacker Tactics

  • Offers a job that seems too good to be true
  • Prompts to update your account information or change your password
  • Requests money or gift cards

Not sure how to start?

Get in touch if you don't know where to begin, if you can't find the guidance you need on the website, or if you just want to learn more. The Office of Cybersecurity has subject matter expertise and is here for the Vanderbilt community to discuss security questions or concerns.

Get Security Help