Is it real?
If you have to ask, it probably isn’t!
Here are examples of some of the most recent phishing emails we’ve seen:
Things to check before clicking on a link in an email:
1. Check the email address:
– Hover your mouse over the email address, is the address the same? Is it a valid email address of someone that might send you such an email?
– Did the person in question actually send the email? If not 100% sure, contact them to find out!
– If the email concerns your Williams username/passwords, see #3 below.
2.Check the link itself BEFORE clicking on it:
– Hover your mouse over the link. Does the actual link match where it is supposed to go?
3.Check if it is a valid email from OIT:
– OIT will NEVER, EVER ask for your Williams Username/Password
– Official OIT emails will have “OIT-EPH-NOTICE” and the date in the subject line
If you have submitted your password to a phishing site or email, here are the steps you will need to take ASAP:
http://oit.stage.williams.edu/help-docs/security/phish-recovery/
When you do recognize a phishing email it helps to report it directly to Google so they can analyze and block it more quickly. From the gmail interface in a web browser choose Report Phishing from the drop down menu next to Reply
This may be a good time for you to review the security settings on your Google Account. Do you have 2-step verification turned on? To check, visit your Google Account settings by clicking on the top right circle and select “My Account”. Under the “Sign-in & Security” section you can set up 2-step verification.