Skip to main content

Recognizing Phishing Attempts

Cyber Safety Notice

Be aware that cyber attackers often use high-profile situations (read more on the FTC Coronavirus Advice for Consumers) to coerce individuals into disclosing sensitive information like passwords, account numbers, and more through phishing attempts or by asking for information to be entered on fake websites. If you receive a suspicious message, do not respond to it. Instead, save a complete copy of the message that includes both the full header and the message itself. Once you have the copy saved, send it to

How To Copy an Email with Headers

PDF Poster of common phishing tactics.Email scams and phishing messages are types of electronic fraud that request recipients to disclose information or perform other potentially harmful actions.

These types of emails appear to come from reliable sources like Northwestern, your banking institution, and more, and often contain urgent requests that require the recipient to provide sensitive information―passwords, account numbers, etc.―by either replying to the email directly or by entering information on a bogus website.

In an effort to prevent email scams from reaching the University’s central email server, Northwestern’s Email Defense System (EDS), powered by Proofpoint, blocks the majority of malicious messages from being distributed to the University community. However, malicious and junk email occasionally slips through this security net.

Click on the graphic to view an enlarged version of common phishing practices, and to print out an 11 x 17 poster.

Use Best Practices

The best defense against malicious email attempts is an educated user. When you receive any email requesting personally identifiable information, follow these best practices to protect yourself and the University:

Never reply to an unsolicited email

Messages that ask for your personal information, including requests for NetID passwords, Social Security Numbers, or requests for credit card information should not be trusted. Most institutions (Northwestern, your bank or credit card company, etc.) will not email you requesting this type of information.

Do not click on links directly from emails

Open a new browser and find the supposed institution’s website yourself through a search engine or URL bar. You can also bookmark the NUValidate pages to update or verify your NetID password.

Be alert for suspicious emails

Messages with suspicious, misspelled, or awkward language, or that reference non-existent Northwestern departments like "University Webmail Support" or the "Webmail Messaging Center" are examples of scam emails. Pay attention to unusual greetings or signatures from messages purporting to be from your contacts. Compare to the list of recent phishing email attempts collected and posted by Northwestern IT.

Delete messages that are confirmed to be phishing

If you confirm or recognize a message to be a phishing attempt, delete it from your "Inbox" and your "Deleted Items" folder to avoid accidentally accessing the web sites within the bogus email.

Do not send your personal information

Never send personally identifiable information, such as passwords, credit card account numbers, and Social Security Numbers, through email.

Update software often

Regularly update and use antivirus and antispyware software, and your firewall. Be sure your applications and antivirus software are the most current version.

Always be cautious

Remember to always be cautious about opening any attachments or downloading any files from emails you receive, regardless of who sent them.

Other Types of Phishing

Phishing isn’t just for email anymore. Be aware of attacks through phone calls, texts, or other online messaging applications. Make sure you are on the lookout for these variants below on the traditional, mass emailed phishing attack.

Spear phishing

This kind of attack often involves very well-crafted messages that come from what looks like a trusted VIP source, usually in a hurry and targeting those who can conduct financial transactions on behalf of your organization (sometimes called "whaling").


Phishing attacks via SMS, these scams attempt to trick users into supplying content or clicking on links in SMS messages on their mobile devices. Flaws in how caller ID and phone number verification systems work make this an increasingly popular attack that is difficult to stop.


Voice phishing, these are calls from attackers claiming to be government agencies such as the IRS, software vendors like Microsoft, or services offering to help with benefits or credit card rates. Attackers will often appear to be calling from a local number close to yours. As with SMiShing, flaws in how caller ID and phone number verification work make this a dangerous attack vector.

Think You Spotted a Scam? Report It!

If you are unsure about the legitimacy of an email claiming to be from Northwestern, compare it to the recent list of attempts at Northwestern. If it is not listed, immediately forward the complete message with email message headers to

Remember, Northwestern will never ask for personally identifiable information.

If you believe you have responded to a malicious email, change your NetID password immediately, and call the Northwestern IT Support Center at 847-491-4357 (1-HELP) to report the scam.

Last Updated: 5 May 2020

Get Help Back to top