2025 Cybersecurity Awareness Month Tip – Phishing messages

Hackers regularly send phishing messages to try and trick you into giving them your password.  While Fairfield runs software that blocks most of the phishing messages sent to your Fairfield email, some messages still make it through.

Here are some common elements that you’ll often find in phishing messages:

1. Short deadlines
2. Threats of fines, penalties, loss of access, and/or criminal charges
   These two elements are trying to trick you into reacting quickly instead of taking time to consider if the request is legitimate.
3. Requests to reply using your personal email
   This element is trying to trick you into using an email system that is outside of the protections that Fairfield uses to block malicious email senders and messages. 
4. Impersonation of someone that you know
   This element takes advantage of email’s very, very old design that lets anyone enter whatever they want as the displayed name, so a message coming from evilscammer@gmail.com could show a display name of one of your colleagues.  The hacker is attempting to exploit the trust you have in your colleague to trick you into clicking on the included link or opening the included attachment. 
5. QR codes and files that contain a URL
   This element is trying to get around the URL scanning that email protection systems use so the hacker’s message is able to slip past our email defenses.

And hackers use more than just email to try to phish you.  They will also send phishing messages via SMS text (aka “smishing”) and voice calls (aka “vishing”).  Both of those can use spoofed caller ID, so you’ll want to be extra skeptical whenever you receive an unexpected text message or phone call from any number not in your contact list.

If you receive anything that you think might be a phishing message, please forward it to phishing@fairfield.edu.