What is Phishing?
Phishing is a type of Cyberattack where attackers impersonate legitimate organizations or individuals to trick you into revealing sensitive information like passwords, financial data, or personal details. These attacks often come via email, text messages, or fake websites.
🎯 Why College Staff Are Targeted
As a member of a NIC staff, you have access to valuable data, student records, financial systems, research, and institutional credentials. Attackers know this and often tailor phishing campaigns to exploit your role.
🚩 Common Signs of Phishing
- Urgent or threatening language: “Your account will be suspended!”
- Generic Content: The email doesn't have any information particular to you aside from the email address
- Suspicious links or attachments: Hover over links to check their destination.
- Unusual sender addresses: Slight misspellings or unfamiliar domains.
- Requests for sensitive info: IT will never ask you to share your password. After being hired, NIC won't request contact information via email.
🛡️ How to Protect Yourself
- Verify before you click: If something feels off, trust your instincts.
- Use official channels: Contact the sender directly using known contact info.
- Report suspicious messages: Use the “Report Phishing” button in Outlook.
- Keep software updated: Security patches help protect against known vulnerabilities.
- Enable multi-factor authentication (MFA): Adds an extra layer of protection.
📚 Real Phishing Subject Line Examples
- “Re: Attention Announcement Message North Island College”
- “Contact Details”
- “Quick Action Needed to Complete Delivery”
Here are pictures of recent examples along with indicators that give them away as phishing.
🧠 Test Your Knowledge
Take the anonymous 5 question Phishing Quiz