Phishing Information

Hero Background 5

What Is Phishing?

Phishing is the practice where a malicious person or people impersonate someone for malicious gain. These people will try and gain information, such as passwords or login information. Being aware of phishing attempts and following the points below will keep your information safe. If you believe your Siena Heights credentials have been compromised, immediately reset your password through MySiena or​

The information below is permanently available on the DoIT page for Phishing & Account Security.

Keeping Your Account Secure

Stay Alert & Use Common Sense

Common errors in phishing emails include grammatical errors and strange characters. If an email is difficult to read, or is short and simply asks you to open an attachment or view a link, it is most likely a phishing attempt.
If you click on a link, check the URL. If the website is trying to act or look like another website, close the tab immediately.

Call for Clarification

If you receive an email from a department, call them! Calling the on-campus office or person may reveal they never sent the request in the first place. If this occurs, contact IT immediately so we can investigate. Call x7655 and let our helpdesk know you have suspicious activity to report.

Grammatical Errors & Odd Requests

If you receive an email that seems unusual or questionable, do not reply or interact with the email. Attachments or links in questionable emails can contain viruses or websites that will steal your information. Always double-check the sender if you are suspicious of the email. Do not hand over sensitive information without verification as to why it is needed.

Follow-up for More Information

You ​can also send an email to ask for more information. If an email comes through from your “boss” but seems suspicious, send your boss a new email asking for clarification. Do not trust the email sent to be the real email address for your boss. If the email does not originate from and is impersonating a faculty/staff member, do not send sensitive information or reply.

Check the Sender of an Email

Check the address the email was sent from. Check the “Send Email” field after double-clicking. If the email looks suspicious and is not from a email address, do not reply. You can contact the IT helpdesk by emailing us at or calling us at x7655 if you have questions about an email.

Contacts that do not display an email in braces are from the SHU Global Directory.

Common Phishing Requests

Below are common phishing requests. If you are asked to perform any of the following, be cautious as the email may not be a legitimate request.

  • Purchase gift cards and send the codes via email.
  • Open a document shared through Dropbox, OneDrive, Google Drive, etc. If you do not know the person sharing the document, never click on the link.
  • Visit a page to login with your Siena Credentials. 
  • Visit a page to reset your password (Note: IT will never ask you to visit a page to reset your password. Only reset your password through mySiena or one of the computers on campus).
  • Follow a link to increase your mailbox space.

The above are phishing attempts​. Do not reply or engage with them!

Examples of Phishing Emails

The below image gallery is a collection of real phishing emails sent by malicious people. These emails work, and have been used to phish the SHU community. Click one of the below pictures to enlarge the view.

Leave a Reply

Your email address will not be published. Required fields are marked *