Phishing attacks are a form of electronic fraud that often takes the form of "spoofed" emails. Spoofed emails look similar to legitimate communications from PSU administration or colleagues, but are actually an attempt by malicious entities to steal information. Phishing attacks are designed to fool people into divulging things like Odin usernames, passwords, credit card details, and other personal, sensitive information. They often ask you to follow a link to a page that looks like an official PSU webpage and enter your Odin account credentials.
Protecting Your Information
If you believe you've received a phishing email, you should take the following steps:
- Reset your password: If you've followed a link in the email and entered your Odin username and password, follow the procedures on Resetting Your Odin Password to change your password and security questions immediately. If you use your Odin password for any other web services, OIT recommends that you reset the password there as well (for example, if you signed up for Facebook using your PSU email and Odin password, you should also reset your Facebook password).
- Report the email: Forward the email to email@example.com. The Helpdesk will investigate the email, and you may help prevent many others on campus from falling victim to the attack.
- Mark the email as phishing or spam: Gmail provides a quick, easy way to mark emails as phishing/spam from within the web client. This will help everyone using Gmail, as it teaches the system which emails to block. To mark an email as phishing, go to mail.pdx.edu and follow the procedures listed at About phishing. You can also mark spam emails using the procedures at Reporting spam.
If your contacts tell you that they've received phishing/spam emails from you, ask them to take the same steps listed above and contact the Helpdesk if they have any questions.
Recognizing Phishing Emails
If you suspect an email may be a phishing attempt, you can check the list of Recent Phishing Emails. If the email is not on that list, it may still be a phishing email. There are a number of factors that can help you determine if an email from PSU is legitimate:
- Request for your Odin password: OIT employees will never ask you for your password. You should be suspicious of any email that asks you to provide login information.
- Exciting/upsetting statements: Phishing scams often rely on alarming (but false) statements to incite an immediate reaction from recipients. This could include warnings that your accounts will be suspended/deleted, that a delivery of goods/money is waiting for you, or that your information has been compromised elsewhere and needs to be verified.
- Poor spelling and grammar: Phishing and other untrustworthy emails can often be identified by their poor grammar or spelling. Many times these types of emails are not written in clear, professional English. Examine the content of these emails to see if it is poorly written or contains strange, unnatural wording. This can be a sign that the email is not an official PSU communication.
- Strange URLs: If the email contains links to other pages that ask for information, hover your mouse over the link and check the bottom of your browser window to examine where the link will take you. Secure PSU login pages will have URLs that begin with "https://" (ex: "https://oam.pdx.edu" or "https://sso.pdx.edu"). If the URL looks strange to you, do not click the link. Visit Anatomy of a Web Address for more information on URLs.
- Unsecured pages: If you've already opened the link in the email, examine your browser's address bar. Secure PSU pages will display either a green padlock or a green bar to the left of the URL that says "Portland State University". If you click on this green bar, it will display detailed information about the website's verified identity.
Do not enter your Odin credentials on any page that does not display either a green padlock symbol or a green bar in the browser's address bar. (Note: Mobile browsers may display a padlock image and the name "Portland State University" in green text above the address bar instead of a green bar.)
- Attachments from unknown senders: Before downloading/opening any attachments in an email, verify that you know the sender and that the email itself does not appear suspicious in any way. If you're unsure, check with the sender directly to make sure that the attachment is legitimate. Phishers often hope to trick you into downloading files that will scan your computer for personal information and send it back to them.
If you have any questions or concerns about suspicious PSU communications, contact the Helpdesk.