Phishing Alert | "E-mail Verification Notice"

Posted April 6, 2016 by Academic and Institutional Technology
Tags: Phishing Attempts

Phishing Alert | "E-mail Verification Notice"

Students and employees recently received an email claiming to be from a Wheaton College Web Administrator. The email says that the recipient must verify their email account in order to increase security, warning that their account may be deleted if they do not comply. The link in the email leads to a fraudulent webpage that asks for the recipient's email address and password.

This email is a phishing attempt. Do not click on any of the links in the email or provide your email address and password to the sender. Thank you to all who reported this scam.

If you responded to this scam and provided your email address and password, please contact us at 630.752.4357 (HELP).

Spotting Phishing Attempts

Phishing Example

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The email claims to be from a Wheaton Web Administrator, but is not sent from an @wheaton.edu account. This email address almost certainly belongs to someone who fell for this scam previously and lost access to and control of their account.
  2. Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from Wheaton College, but the link directed people to a non-Wheaton website. Any emails from Academic and Institutional Technology will direct you to a www.wheaton.edu webpage. We will never provide a link in an email that sends you directly to a page where you are asked to input your password.
  3. A legitimate email from Academic and Institutional Technology will include contact information for our department. We always want you to be able to check in with us and ask questions if you're not sure about an email we sent. If there is no contact information, the sender is pretending to be affiliated with AIT.

Always exercise caution when responding to emails. If you're not sure whether an email is a phishing attempt or not, contact us or call 630.752.4357 (HELP).