Holiday Phishing Scams – Seton Hall University

The holiday season is prime time for phishing scams aimed at stealing sensitive, personal information (e.g. passwords, credit card numbers, Social Security numbers), which in turn can be used for fraud or identity theft.  As your inbox fills with Christmas shopping deals, holiday greetings, travel discounts, and New Year’s specials, the Department of Information Technology wants to remind you of these important tips for identifying and avoiding phishing scams. 

How to Spot a Phishing Attack 

Phishing email messages are designed to steal your identity. They ask for personal data, or direct you to a website or phone number where you are asked to provide personal information.  When you receive an email, even if it appears to come from a trusted source, be aware of the common warning signs of a phishing attack.   

1. Unverified Sender Information 
   You receive an email from a popular cruise line, but the sender is using a public email domain such as Gmail, Yahoo, or AOL.

   Scammers will often customize the sender’s display name to be familiar and general. Check the full email address of the sender to ensure that the domain name (what follows the @ symbol) matches the apparent sender.  Also, check for emails that resemble the name of a well-known company (@shu.edu), but are slightly altered by adding, omitting, or transposing letters (@shu.com).
    

2. Spelling and Grammar Mistakes 
   The subject line of the email reads, “book an Cruises this winter.”

   Pay special attention…