Spear phishing is a specialized email attack against a specific target or small group of targets to collect information or gain access to systems. Cyber criminals have become quite savvy and often direct users to visit a website where they are asked to provide their account information, passwords, credit card information or other forms of personally identifiable information. The emails they send can look just like it comes from a University staff member, or any other service or business.

It often urges you to act quickly, because your account has been compromised. Recent phishing emails have included subject lines such as Email Maintenance Today and Unsubscribe opt-in leads.

How can I identify phishing emails?

• Read all communications carefully and look for:
• Unofficial or odd “From” address
• Urgent action required
• Links to a fake or odd website
• Misspellings or incorrect grammar

What should I do if I receive these?

• Do not click on any links contained in them.
• Do not open the email attachment.
• Please forward the phishing attempt to our IT Security office at infosec@scranton.edu.