Phishing & Email Scams

Learn how to spot illegitimate emails and keep your online presence secure.

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

Many users fall prey to phishing scams and end up victims of fraud and identity theft. Below are some helpful tips to follow when trying to determine if this is being done to you.

How can I tell if an email I receive is phishing?

  1. If an email asks you to enter your password or other personal information.

    Southwestern will NEVER ask you to submit your password via email, and if we ever ask you to complete a form, we will give ample notice and plenty of details to explain what we are doing.

  2. The message contains a mismatched URL or misleading Domain Name.

    A very easy way to tell if a link sent to you in an email is legitimate or not, is to hover over the link in your Web Browser (e.g. Chrome, Firefox, Safari) or Mail Client (e.g. Mail, Outlook, Thunderbird). The actual web address that you are being redirected to displays at the bottom-left corner of the window. If the address does not redirect where you think it should, chances are it is fraudulent.

    Phishers also like to mislead people by adding a familiar word to a link. For example, southwestern.edu is a trusted domain name. Based on that, a phisher might send a link to southwestern.maliciouswebsite.com in the hopes that somebody sees the word “Southwestern” and trustingly clicks on the link.

  3. The message contains poor spelling and grammar.

    Southwestern is staffed by professionals who write emails accordingly. You may notice a few typos here and there purely due to human error, but if you read an email requesting information that is full of spelling and grammar mistakes, chances are it is fraudulent.
  4. The offer seems too good to be true.

    If you receive a message from someone unknown to you who is making big promises, then the message is probably a scam.

  5. You didn’t initiate the action.

    If you get a message informing you that you have won a contest that you did not enter then you can bet that the message is a scam.

  6. You are asked to send money to cover expenses.

    You should always be wary when money is involved, especially with somebody you’ve never met. If you are ever asked to provide money for covering expenses, taxes, fees, etc, then the message is most likely a scam.

  7. The message makes unrealistic threats.

    Most phishing attempts try to trick users into giving up money or information but some try to intimidate or scare. If a message makes unrealistic threats then the message is probably a scam.

  8. The message appears to be from a government agency.

    Government agencies and US law enforcement do not engage in email-based extortion. Some phishers will pose as a government entity (IRS, FBI, etc) to attempt to intimidate any law-abiding citizen.

  9. Something just doesn’t look right.

    If your instinct tells you something about a message doesn’t look or seem right, you’re probably correct.

Always be wary of any requests show any of these signs and if you receive such requests, you can help protect the entire campus by reporting them to infodesk@southwestern.edu.

If you are ever in doubt about whether or not an email is valid, please contact infodesk@southwestern.edu and wait for a response before taking ANY action.

Please be vigilant about keeping your digital identity and information safe!