…the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. (Wikipedia definition)
If you receive questionable emails, do not respond or click on attachments or links until you can verify the legitimacy of the sender. Forward suspicious emails to firstname.lastname@example.org.
When we receive a suspected phishing email, we check it out to determine the risk. If it is a phishing attack, we may take any of the following steps:
- Breaking dangerous links so they don't connect to unsafe webpages
- Blocking malicious files from being delivered to to inboxes in the future
- Escalating the report to our security operations team to investigate compromised systems or accounts
Visit security.harvard.edu for more information on how to protect yourself from scams.
When evaluating an email you received that you suspect may be phishing, bear in mind that neither HUIT nor any reputable organization (banks, websites, agencies, Government departments) will ever ask you to send your passwords or confidential information in an email or over the phone.