Identifying Phishing Attempts - KBA 27196

Don't Click That!

Phishing is the fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

There has been a recent series of Phishing emails to CWRU users urging recipients to click on a weblink in order to keep their accounts open.

These links take users to official-looking but fraudulent imitations of the CWRU Single Sign-On page, hosted on non-CWRU-owned web servers.

Before clicking any weblink, hover (but don't click) the mouse pointer over the link to reveal the real Web address. Depending on your browser, it may appear as a pop-up near your mouse pointer or at the lower-left corner of your browser window. If you have already clicked the link, check the address bar to verify that the page you are on matches the text of the link you clicked.

CWRU University Technology, UTech does send notifications to users when passwords need to be changed to comply with the 365-day password age policy. Those notification emails intentionally contain no links; we request that users contact the UTech Help Desk for direction to the authoritative account management pages. You should NEVER enter your CWRU account credentials into a page outside the domain.

If you have additional questions about phishing, please contact the UTech Help Desk (216) 368-HELP (4357).