It is up to all Boilermakers to stay vigilant to protect their accounts and personal information. Successful phishing attacks and other security breaches pose risk not just to individuals but also to Purdue systems, networks and research, impacting the Purdue University system.

Protect yourself and Purdue by looking out for these signs of phishing: 

Mysterious Messages
Phishing emails often appear to come from someone you know or trust, but they can also come from unknown senders.

Always check the sender’s email address and make sure it matches the trusted source’s email address.

Urgent Demands
Phishing messages often direct you to take action immediately, implying that something negative will happen if you don’t. These messages are meant to get you to react before you think.

Always stop and think before taking an action. Does the request make sense?

Sneaky Links
One of the most common signs of phishing is the request to open an unexpected link or attachment. Malicious links or attachments can be used to steal your login info or other data.

Never open links or attachments from unknown or suspicious senders. If you need to sign in to a website, go directly to the known, legitimate address.

Before taking action, stop, look and think.
Does it seem suspicious, out of place or just strange? Then report the message and delete it immediately. 

The Purdue Systems Security Cybersecurity Awareness team, part of Purdue IT, provides year-round training for faculty, staff and students about ongoing cybersecurity threats and resources. Cybersecurity updates, FAQs and training videos are available through the online Cybersecurity Awareness Hub (https://www.purdue.edu/securepurdue/Cybersecurity/index.php).

To report suspicious or malicious emails to the security team, please utilize the Report Message button inside your Outlook client, which can be found in the top banner or by right-clicking an email in Outlook on the web (OWA). You can also report emails directly by forwarding them to abuse@purdue.edu.