Facebook Pixel ITS - Phishing Example | Western Kentucky University

Phishing Example


Below is a phishing email that was sent around WKU. These emails can be very convincing but are NOT sent from WKU. They are an attempt to steal your account credentials. There are usually a few signs that give these away as a 'phishing' attempt, explained below.

 

 

Example Phishing Email

 

WKU Example phishing email

 

 

How to Identify This as a Phishing Scam

#1

Where the Links Go

A good sign that this is a phishing attempt is the link itself, it leads to a form that doesn't run on WKU's web servers (wku.edu) and only asks for your account NetID and password (called access code):

WKU example phishing link

Do not click links if they do not go to a wku.edu page.

#2

Suspicious Forms

You can see the link from the first image goes to a 123contactform.com site containing the form below. WKU will never ask you for your account password in a form like this, or any other way.

WKU example phishing link

Do not fill out forms like these, reach out to the service desk if you are not sure.

#3

Scammy Text & Warnings

Another good sign that this is a phishing attempt is the warning at the bottom of the message.

This kind of warning with an unreasonably short window for response and harsh penalties for non-compliance is intended to scare you into filling out the form as quickly as possible without considering the source or truth of the message.

Note also the poor phrasing and misspellings in the entire email.

WKU example phishing text

Warnings like this are a good indication of a phishing scam email, look out for them.

 

 

 




Need Assistance?

The WKU ITS Service Desk is here to help. Give us a call, chat with a representative online, use the Self-Help Knowledge Base and more.

Get Help



Some of the links on this page may require additional software to view.

 Last Modified 8/5/24