Signs of Phishing Emails

No fishing sign.When you receive an email with links or prompts for information, make sure to stop and think about the links before clicking or responding. Here are some tips to help you identify the signs of a phishing email.

Yield sign icon.Who is the email from?

Always check the email sender.

Phishing messages attempt to convince you that the message is from a trusted source. This is typically done by using a fake signature or email display name that will lead you to believe the message is from someone else, such as the Help Desk, Microsoft, an Email Admin team or something similar. Always check the sender of an email message by looking at the actual email address that sent the message, even if the email display name is a recognized name. Also, if the sender is an email address, that does not confirm that the email is from a trusted source. If a phisher gains access to a WMU account, they will send further phishing messages using that account to appear more trustworthy. When in doubt, find the contact information of the individual on the official university web site and contact them directly to verify that they sent the message.

Constructions sign icon.Does the email ask for or promise money?

Never provide your financial information or make payments through unsecured systems. Do not spend money on behalf of others.

If something sounds too good to be true and it’s coming from somebody you don’t know, it's almost certainly a scam. Even if the message is from someone familiar, the name and email address may be impersonating the individual, to make it appear it is from them, although it is not. Always check the actual email sender or ask for verification.

Financial scams are often advertised as easy jobs that offer a profit for purchasing items or reimbursement or an acquaintance who is in a hurry. There is no legitimate reason for you to handle payments or financial transactions for somebody else. If you are asked to purchase gift cards, services, do a wire transfer, deposit money, forward money, or perform any financial transaction you are likely involved in a scam.

See job search scams  and how to spot and avoid common scams for more helpful tips. See campus employment for students for official student job postings at Western Michigan University.


Stop sign icon.Where does the link go?

Always check the link.

Another tip to improve online safety is to always check the destination of a link before clicking it. This can typically be done by hovering over a link before clicking. Does the web address make sense? For example, when you log in to GoWMU, is in the web address.

Avoid any email link that asks for your Bronco NetID or any user name and password. Keep in mind, however, that some legitimate WMU services may generate emails with links that will require you to log in, such as when a colleague or classmate shares a document with you via OneDrive or Google Drive. All web services (like OneDrive) can be accessed via GoWMU, therefore we recommend accessing those services directly.

Street crossing sign icon.What's the email about?

Always be suspicious of emails regarding account status that include links to log in, such as mailbox quota limits, account deactivation, etc.

The most frequently used subject  in a phishing message typically pertains to the status of your email account, leading you to believe that there is some sort of action requiring you to log in. Examples include reaching a mailbox storage quota limit, impending account deactivation, or that incoming messages have been placed on hold until you log in. Western Michigan University will never send messages of this nature. Ignore any links within an email that ask you to log in using your Bronco NetID or any other user name and password. Most online services can be accessed via GoWMU, and this is the safest way to access your account.

Speed limit sign icon.Does the email contain typos and poor grammar?

Check the content of the message for misspelled words, poor grammar or odd punctuation.

Phishing messages will often include spelling errors or odd punctuation due to translation errors or due to an attempt to bypass standard email spam filters. Remember, these messages are crafted to trick you into divulging your credentials. With that said, do not trust an email message simply because the spelling and formatting are correct, this should be used with all other tips to determine the legitimacy of a message.

Caution sign icon.Does the email have suspicious attachments?

Don't open any attachments that you were not expecting.

If you receive an unsolicited email containing a suspicious attachment from a sender that you do not recognize, do not open the attachment. If the email claims to be from a WMU department, such as Payroll or the Help Desk, we recommend reaching out to that department directly to confirm the legitimacy of the attachment.

Staying Safe Online

To learn more about staying safe online and what WMU does to help keep you safe, read: