Here are some ways to identify phishing in general:

• Who actually sent the message? Did it come from someone you know? It's not unusual to receive a message from a first-time or infrequent sender, but it can be a sign of phishing. Sometimes phishing messages claim to come from someone you know, but the messages are actually sent by an address that does not belong to the individual, so always examine the sender address. Sometimes phishing messages claim to be from an organization, but the sender's address does not match the organization's email domain.
• Does it contain urgent or emotionally appealing language? It is common for phishing messages to request immediate action, so that you might respond without thinking or asking others for advice. A common trick of phishing attacks is to offer a reward or the avoidance of a penalty.
• Are there links or attachments? You should not open links or attachments in a suspicious message. If the message contains a link, look at the address that underlies the link (hover your mouse over the link, but do not click it). Does the domain of the link look suspicious or does it match the sender's claims (for example, a link that points to jmu.edu.scammer.com is not a JMU link)? Be suspcious of shortened URLs that cannot be verified to the sender (for example, tinyurl.com or bit.ly links). Similarly, watch out for QR codes, because the underlying links can be difficulty to determine. Also, one final tip: if you find it difficult to examine the links on your mobile device, try viewing the email on your computer.

JMU occasionally conducts phishing educational campaigns. If you'd like to see messages from a recent campaign to help you learn how to identify phishing messages, click here to skip to the image gallery below.

If you click on a phishing message, you should immediately do the following:

• Forward the message as an attachment to abuse@jmu.edu
• If you provided credentials, change your password
• Contact the IT Help Desk; a phone call is the fastest method