Phishing Education

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy source in an email or other form of electronic communication. When you click on a link in a phishing email, you may be prompted to enter your CCSU credentials (BlueNet username or CCSU email address and password) on a non-CCSU web page. The hacker then steals your account information and attempts to use your CCSU email account to send out spam and/or phishing attempts to others in your address book and/or the entire university. Please review the information below about how to identity a phishing attempt and what happens if you fall victim to one from your CCSU account.

How can you tell if an email is a phishing attempt?

 

phishing example

What happens if you fall victim to a phishing attack?

If your CCSU email account is compromised by a hacker, the Information Technology department will:

  1. change your BlueNet account password. This is done to put an immediate stop to access to your CCSU email account. We will contact you to help you reset your password.
  2. temporarily suspend your ability to send email messages.
  3. work with you to ensure any computers you use to access your CCSU email are malware and virus-free.

As you can see, a compromised account is a huge inconvenience. This entire process can take up to 5 business days or longer to resolve, which means you will not be able to send any email during this time.

How can I keep my BlueNet account and CCSU email account safe?

There are several important actions you can take to keep your account safe:

  1. Do not share your CCSU BlueNet or My.CCSU.edu account credentials with anyone or enter your CCSU account credentials on ANY unknown web site. The IT Department will never ask you for your password, especially via an email message! Another way to keep your account safe is to choose strong passwords that cannot be easily guessed. Change your password often and do not write it down or store it on your computer.
  2. If you did accidentally click on a phishing link and/or supplied your credentials on an unknown site, immediately change your password to something you have never used below. Use the CCSU Accounts Management System to reset your BlueNet account password.
  3. Ensure Multi-Factor Authentication is configured for your account.
  4. Report any suspicious emails you receive to our anti-spam system using the instructions below. 

Outlook for Windows:

  1. Open the spam message or right-click the message.
  2. Click on Junk, then click on Block Sender.
  3. You will receive a notification that the sender has been added to your blocked list and the message has been moved to your Junk Email folder, click on OK.

Outlook for Mac:

  1. Open the spam message or right-click the message.
  2. Click on Junk to move the message the Junk folder. Click on Block Sender to add this sender to your blocked list.

Outlook Web Mail (webmail.ccsu.edu):

  1. Open the spam message or right-click the message.
  2. Click on Junk (if message is open) or Mark as Junk (if you right-clicked).
  3. A message will display asking if you want to report the message to Microsoft to assign with research and improvement of email protection technologies – click either on Report or Don’t Report.