NCSAM: Phishing - Don't Get Hooked!


Cybercrime continues to generate huge profits for criminals, and hackers are as sophisticated as ever. If you use the Internet, you are a target of "phishing" – a form of fraudulent solicitation where scammers send emails cleverly disguised to be from trusted brands such as banks, credit card companies, online retailers, or even one of your friends. Getting phished can result in identity theft, financial loss, and/or other legal issues.

The phishing emails entice recipients into taking an action such as clicking on a malicious link, opening an infected attachment, or responding to a scam. Often, the emails contain links to "spoofed" web pages, which may look exactly like those of a legitimate business. Clicking on any of these links or responding to the emails often results in the criminal’s acquisition of personal information such as account numbers, social security numbers, PIN numbers, and/or passwords.

Spear phishing is another type of phishing that targets a specific individual or group of individuals. In this case, the criminal researches their intended target through various avenues, such as social media or public blogs. The information gathered is then used to create a more personal approach which leaves the individual more likely to fall victim.

Below, please find tips on how to avoid being phished:
  • Educate yourself on the various types of cybercrime.
  • Check email addresses! If the email looks legitimate, but is from an unknown email account, it is most likely a phishing attempt.
  • Be wary of emails addressed to "Customer." A trusted organization should spell out your name, and may not use generic salutations.
  • Look for spelling and grammar mistakes.
  • Beware of any emails that require "immediate action." This is a common technique used to rush you into making a mistake.
  • Think before you click unsolicited or unknown links. Hover your mouse over links to show their true destination.
  • Only open attachments that you are expecting.
  • Be wary of messages that are "too good to be true."
  • Be suspicious of strange emails from friends. Your friend’s computer may be infected or their account might be compromised.

If you think you have been phished, change your password(s) immediately and contact the UMIT Service Desk at: (305) 284-6565.

If you have any questions about cybersecurity or want to learn more about how to stay safe online, please contact University of Miami’s Information Security Office at:

Click here or on the image below to download UMIT's NCSAM poster:

Feel free to print this poster and share it with your colleagues/peers!