You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > Canvas User Experience > How to spot a phishing attempt
How to spot a phishing attempt
print icon

If someone ever asks you to verify your FSU username and password, please don't!

Florida State University does not ask for your username and password via email, text message, or over the phone. If you have received such a message, you can assume that it is a phishing scam that is intended to acquire your FSU login, steal sensitive information, and send messages through your FSU email account.

If you clicked one of these links and are having trouble logging in to any FSU systems, please reset your password or call the ITS Service Desk at (850) 644-HELP(4357). Your password may have been automatically reset for your protection.

Examples of phishing messages

Phishing messages can vary greatly in terms of their content and level of sophistication. See two examples below:

Example 1 - Simplistic

From: Latisha Jean. Your e-mail account was LOGIN today by Unknown IP address, Click on the Administrator link below and LOGIN to validate and Verify your e-mail account or your account will be temporary block by sending more messages. CLICK LINK BELOW http://helpdeskfsu.site.y.me/

Example 2 - Sophisticated

From: Black Board. Subject: New security update. Body: We noticed a login attempt to your FSU account from an unrecognized device on Friday, December 03, 2016. As part of our Security Agreement we have place your account on "Limitation". Please follow the link below to keep your FSU account safe: (highlighted in blue) Click to verify your account password (end highlight). Thanks for taking these additional steps to keep your account safe. Copyright Florida State University  students and staffs Affairs

Clues to identify phishing

Typically, phishing messages will make it appear that you will lose access or already have lost access to something important if you do not log in to your account. In the message, phishers will supply a link or a button pointing to a fake login page hoping that you will submit your username and password to their server.  

Our ITS Service Desk has put together a list of clues to look out for when reading your email:

  • Request for your username and password. Again, FSU will never ask for your FSUID username and password in an email or phone call.
  • Threat that you will lose something (cutting off a service, suspending an account, etc.) if you don’t act in a timely manner. The goal of cybercriminals is to make the situation seem dire so that the victim feels obligated to provide personal information.
  • Notification that your computer or device is infected and/or broken. Non-solicited information regarding the stability of your computer should not be trusted.
  • Incorrect grammar and/or spelling. Cybercriminals use this as a tactic to bypass spam filters. FSU has established processes to ensure the spelling and grammar in emails are reviewed for accuracy.
  • A link that will solve your problem. If you are asked to click a link in a suspicious email, don’t click it.
  • A cost for solving your problem. FSU will not solicit upfront payments for troubleshooting or repairs.

Ask for help 

If you would like to verify whether or not a message is legitimate or if you are having trouble logging in, please call the ITS Service Desk at (850) 644-HELP(4357). 

Feedback
70 out of 71 found this helpful

scroll to top icon