Phishing Red Flags

Red Flag:  Scammers send a message from a "faked" email address (often from a College VIP)

Action: Check the sender's actual email address in the message headers (don't rely on the displayed name only)
              Still not sure? Call the sender to verify the message

If you are receiving and email from a North Central Colleage account, the email address will be from @noctrl.edu (not from @gmail.com, @yahoo.com etc).  

Similarly, if you are receiving a message from a private company, the email address should reflect the company's official domain. Example: Staples - @staples.com (not @staples.discount-officesupplies.biz) 

Red Flag: Phishing emails usually include a link to a website or file attachment. 

Action: DANGER! Do NOT click on the link or open an attachment especially if you are not expecting it. First hover over a link to see where it is taking you!

Additional Information: Check BEFORE you click! Hover your pointer over the weblink to reveal the destination website - and inspect it carefully! Suspicious links may prompt you to provide your login information or can be links to malicious file downloads. 

Red Flag: Message requests personal or financial information

Action: Do NOT provide any personal or financial information in response to an email. Legitimate organizations will never ask you to do that. If you are unsure, contact the organization directly using a trusted phone number or website. 

Red Flag: Phishing messages usually try to create a sense of URGENCY or FEAR!

Action: Evaluate the message's claim! Do not trust emails that state "Your account has been suspended" or ask you to "Verify your information to keep your account active." Scammers use this type of language to get attention and make users act impulsively before they have a chance to verify the source of the information.

Red Flag: Many misspellings, improper word usage, atypical tone

Action: PAUSE! If a message's tone, word usage, spelling, punctuation, or grammar seem unusual, think twice before interacting the message.

Additional Information: This used to be a bigger red flag, however, scammers now use AI and specialized translation tools to create better messages to dupe users.  

Official NCC email messages should always be spell-checked to be error free. Official NCC email  messages will ALWAYS be sent from an @noctrl.edu email address.

Red Flag: Generic signature that does not include contact details

Action: VERIFY the message's authenticity with the sender BEFORE interacting with the message further. Most messages originating from an actual North Central College email account have custom signatures containing information that you can verify, including credible contact information that can be found in the NCC directory.

Additional Information: NCC accounts have received fake message with spoofed signatures that use information easily found on the College's website. Don't automatically assume the message is real just because it contains a name and title.

Red Flag: An offer that is Too Good To Be True!

Action: PAUSE! If an offer seems to be too good to be true, then it probably is! Don't click any links in the message or reply to the sender, and certainly do NOT share personal information.

Additional Information: These messages have enticing offers. Scammers are looking to collect your personal details, banking information, or credit card numbers. Never share this information via email! Some example topics include:

• Job Offers: Easy jobs that pay a lot of money (dog walkers, personal assistants etc)
• For Sale: Items for sale at extremely low prices
• FREE Stuff: Free items, but you need to pay for shipping (pianos, instruments etc)
•