How to Identify a Phishing Attempt
Common Warning Signs
- Create a false sense of urgency (e.g., 'Your account will be deactivated!').
- Request sensitive information like passwords or MFA codes.
- Include suspicious links or attachments.
- Come from spoofed or unknown email addresses.
- Use generic greetings like 'Dear user' instead of your name.
GTC-Specific Threats and Protocols
- Text and Email Phishing:
Campaigns have included fake job offers and impersonation of internal addresses.
- Security Measures: MFA is highly recommended, and users should reset passwords immediately.
- Reporting: Forward suspicious messages to `reportspam@gvltec.edu` or use the report phishing icon in Outlook
Best Practices from GTC OIT
- Check for harmful inbox rules (especially in O365 webmail).
- Reset passwords and MFA credentials right away.
- Use the Self-Service Password Reset Tool and MFA Guide from OIT.
- Never click on links or download attachments from unknown sources.
- Legitimate companies will not request sensitive information via email or text.