Phishing: Recognize and Report

Phishing is a type of email scam where the attacker sends emails that impersonate a company (often financial), a service desk, an employer, or someone that you already know and trust. The goal is to:

  • steal personal information by tricking you into entering your username and password, PIN, or other sensitive information.
  • install malware or viruses on your computer that can record keystrokes, capture saved or stored information, or destroy files.

For example, Columbia students, faculty and staff may receive emails that appear to come from trusted sources like "CUIT Service Desk," "MyColumbia," or "President Bollinger," with a link to a website where you are asked to enter your username and password to "verify your account" (see "How to spot a fake Columbia CAS login page," below).

How to Handle a Phishing Message:

1. Identify the email as suspicious.  
Phishing messages usually have one or more of the following:
  • Spelling or grammatical errors. These should be immediate red flags.
  • Heightened urgency. Phishing attempts often try to get you to respond before you have a chance to think.
  • Generic signatures. A signature line with "Service Desk" or "Administration" rather than a University official whose name you can verify.
  • Requests for personal information. A request for personal information from contacts you did not initiate.
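2. If you think it's suspicious, report it (see "How to report a suspicious email," below).
3. If you already clicked on a phishing link or have entered your information on a suspicious site, change your password immediately and contact the CUIT Service Desk (details below).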

How to report a suspicious email to phishing@columbia.edu

Updated June 15, 2020

A 45-second how-to video for LionMail/Gmail also is available to demonstrate how to report phishing.
  1. Open the suspicious message you'd like to report.
  2. Click the three dots in the upper-right corner of the message to see your options.
  3. Click Show Original. A new window (or tab) opens with the raw message, including the complete header.
  4. Click Download Original.
  5. Address an email to phishing@columbia.edu.
  6. Attach the downloaded .EML file to your email and click Send.

Updated June 15, 2020

A 45-second how-to video for Apple Mail also is available to demonstrate how to report phishing.
  1. Select the suspicious email that you would like to forward.
  2. Select File from the menu pane, then click Save As.
  3. Choose a location for the file (often your desktop), and change the format to Raw Message Source. Click Save.
  4. Address an email to phishing@columbia.edu. Attach the downloaded .EML file to your email. Click Send.

Updated June 15, 2020

1. Double-click on the message you want to forward.
2. Click on the Message Tab, and find the Respond section.
3. Expand the More Respond Actions drop-down menu, and click Forward as Attachment.

4. Send the message (with attachment) to phishing@columbia.edu.

Updated June 15, 2020

A 45-second how-to video for Office 365 also is available to demonstrate how to report phishing.

1. Click the New Message Button.

2. Drag the email you want to forward into the body of the blank message (this message will be added as an attachment).

3. Send the email (with attachment) to phishing@columbia.edu.

How to spot a fake Columbia CAS login page

The genuine CAS login page has a URL that begins with https://cas.columbia.edu (or the lock symbol followed by cas.columbia.edu). If you have doubts about the URL, check with the CUIT Service Desk at 212-854-1919 before you enter your UNI and password.
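
"Begins with" needs care: a lookalike address can also start with the text https://cas.columbia.edu while pointing at a different host. The following added example (not part of the original Columbia page or CUIT's own code; the function names, paths and .example domains are constructed) shows the strict form of the check, as a help-desk tool or mail filter might apply it: parse the URL, then require https and a hostname that is exactly cas.columbia.edu.

```javascript
// Added example, not Columbia's code. Only the host cas.columbia.edu comes
// from the page; paths and .example domains are constructed samples.
const GENUINE_HOST = "cas.columbia.edu";

// What a hurried reader does: compare the start of the text.
function naivePrefixCheck(raw) {
  return raw.startsWith("https://" + GENUINE_HOST);
}

// Strict check: parse first, then compare scheme and the exact hostname.
function isGenuineCasUrl(raw) {
  let url;
  try {
    url = new URL(raw); // same parser family browsers use (WHATWG URL)
  } catch {
    return { ok: false, reason: "not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  if (url.username || url.password) {
    // Text before "@" is login data, not the site; the real host follows it.
    return { ok: false, reason: "real host is " + url.hostname };
  }
  if (url.hostname !== GENUINE_HOST) {
    return { ok: false, reason: "real host is " + url.hostname };
  }
  return { ok: true, reason: "https and host is exactly " + GENUINE_HOST };
}

// Constructed samples: two genuine forms, then four that must be rejected.
const samples = [
  "https://cas.columbia.edu/cas/login",
  "https://CAS.Columbia.EDU/cas/login",
  "http://cas.columbia.edu/cas/login",
  "https://cas.columbia.edu.login-check.example/cas/login",
  "https://cas.columbia.edu@login-check.example/cas/login",
  "https://cas-columbia.example/login",
];

for (const s of samples) {
  const strict = isGenuineCasUrl(s);
  const verdict = strict.ok ? "GENUINE" : "REJECT ";
  console.log(`${verdict} naive=${naivePrefixCheck(s)} ${s} (${strict.reason})`);
}
```

The fourth and fifth samples pass the naive prefix comparison but are rejected by the strict check, which is why the hostname has to be read up to the first "/" rather than just its opening characters.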

 

 

 

If you think you have clicked a phishing link or have accidentally entered your login information on a suspicious site, please change your password immediately, then contact the CUIT Service Desk at 212-854-1919.

For additional information on how to recognize and protect yourself from phishing attacks, please visit: