Phishing is a scam that uses targeted email or pop-up messages to deceive consumers
into disclosing personal information including credit card or bank account info, Social
Security numbers and passwords.
Phishers send messages using a sense of urgency and claiming to be from a business
or organization that you may be involved with at work or school. These campaigns can
send emails from your account to all of your contacts. Additionally, email addresses,
logos and login pages can all be spoofed to appear legitimate. Phishing attempts will
often impersonate various types of Towson University communications. Don’t take the
THINK YOU HAVE RECEIVED A PHISHING EMAIL?
Follow these steps:
Ignore the request for action. Do not respond, click on any links or open any attached
files. NEVER reply with your NetID/password.
If you are concerned that your information or device may have been compromised, contact OTS at 410-704-5151 or submit a TechHelp service request.
Protecting The Campus
As one of many layers of cyberprotection, the Office of Technology Services has enabled
phishing detection on TU email accounts. If you have concerns about links in an email,
forward it to phishing AT_TOWSON. You are still the University's best line of defense -think before you click!
HOW to recognize Phishing
These characteristics should be considered signs of a phishing message:
Urgent Requests. Be suspicious of any email with urgent requests for personal or financial information.
This includes a request for immediate action or there will be a devastating consequence
(threat). A phone call to the OTS at 410-704-5151 will clear up any question about account status.
Request for username and passwords-especially for NetIDs. No one at TU will send an email asking for your username and
References to the IT department or IT service. The technology office at Towson University never refers to itself in writing as “IT”
– always look for The Office of Technology Services (OTS) in communications.
Vague subject lines. OTS will provide descriptive subject text, and when possible, include a phishing
disclaimer at the end of the email.
Obvious spelling mistakes and bad grammar. Emails sent from TU departments and offices are almost always reviewed and spell-checked
prior to distribution.
Unfamiliar links in the body of the email. Don’t click – hover to check the actual web address.
Attachments that are “.exe” or “.zip” files. Opening these can launch and spread malicious software.
Unknown sender, or an email from an unsolicited source. If it is not from an @towson.edu address,
be sure you are familiar with sender.