Stay Safe From Phishing Scams
Phishing Alert: Attackers Use Google Workspace Apps to Steal Credentials
Phishing Alert: Attackers Steal Mailing Lists Using Mailchimp
Quick help: What you need to know
Did you know? The probability that a phishing message succeeds is 1 out of 10!
But you can learn to stay safe from phishing scams and make your community safer, too, with these safety facts.
Phishing: what you need to know.
Scammers are after your:
- Passwords
- Financial info
- Identity
- Money
Why do we fall for these scams?
- Urgency
- Desire to please
- Greed
- Curiosity
- Complacency
- Fear
Probability that a phishing message succeeds: 1 out of 10!
Watch out for:
- Spelling and grammar errors
- Sender address
- Things that sound too good to be true
Beware of unsolicited messages:
- Attachments
- Links
- Login pages
If you see something, say something!
Click the image to see full-size version
Key facts
Scammers are after your identity, your accounts and information, and your money.
That's why you should always be extremely cautious with:
- Unsolicited messages
- Unfamiliar sender addresses
- Requests for personal information
- Login pages
- Attachments
- Links
- Things that sound too good to be true
- Urgent requests
Keep going to keep learning.
Recognize
Protect yourself and Stanford by learning to recognize a phishing email.
Know the anatomy of a phishing email
Learn what factors are typical of a phishing email by examining the anatomy of phishing emails.
Study recent examples of phishing
View recent phishing emails and online scams seen on campus. This will help you learn what to avoid and what to report.
Phishing Awareness Program at Stanford
This program periodically sends emails resembling phishing messages, providing a way for recipients to safely practice phishing identification.
Report
When you report phishing, you're helping others!
By reporting a suspected phish or scam, you help Stanford University's Information Security Office (ISO) take important steps to evaluate and mitigate the threat.
Here are the ways you can report:
How to add the Phish Reporter Button in Outlook Web App (OWA)
If you don't see the Phish Reporter Button in your Outlook Web App experience, learn how to add it to your actions menu.
How to use the Phish Reporter Button in Outlook
Learn how to use the the Phish Reporter Button in your Outlook desktop email client, web app, or mobile phone app.
How to report by forwarding an email
Learn how to forward a suspected phishing email, if you prefer to report that way.
Stay vigilant
Use available training and tools to increase safety.
A variety of training courses and resources offer you opportunities to learn more to stay vigilant against phishing attacks.
Register for training in STARS
Complete one or more of these trainings to skill up:
Find related courses on LinkedIn
Opt in to use URL Defense
URL Defense by Proofpoint removes much of the risk for human error when it comes to phishing attempts that use links. The tool blocks malicious links with a sophisticated redirection and evaluation process. URL Defense is conveniently available with an “opt in” or “opt out” mode at Stanford.
Use the Phishing Awareness Resource Toolkit
Use the resources here to stay safe and to share information with your friends and colleagues.
Infographics
Print infographics and post at your workstation or common areas, or share these infographics digitally.
Format: PNG and PDF
Phishing alerts
These alerts are typically released after a scam is identified as affecting the Stanford community. You can post the GIFs with alt text to Slack to help others stay safe.
Format: GIF (940x788)
Tips for meetings
Consider adding the provided slide to the start of a group or departmental meeting as a reminder for your audience to stay vigilant.
Format: Google Slides
Digital signage
Include a digital sign in rotation on digital displays, or use in a slide deck as a reminder.
Format: PNG (1920x1080)
Copyright Stanford University. Stanford, California 94305.