What is Phishing?

Phishing scams are typically fraudulent email messages appearing to come from legitimate enterprises (e.g., your university, your Internet service provider, your bank). These messages usually direct you to a spoofed web site and ask you to provide private information (e.g., password, credit card, or other account updates). The perpetrators then use this private information to commit identity theft.

Examples of phishing attempt are: (1) an email message stating that you need to re-activate your account to avoid being cut off from it, (2) instructing you to click a link to access a requested document, or (3) to verify your account due to fraudulent activity. Phishing messages are designed to make you panic and react immediately, rather than thinking about what you are doing.

How Do I Avoid Being Phished?

  1. Be wary of emails that contain links or attachments when you are not expecting to receive either. Do not click links or open files in unfamiliar email.
  2. Don’t always believe what you see, scammers can take control of anyone’s email account – just because an email looks real, doesn’t mean it is.
  3. Be cautious of generic emails that are asking you to perform actions not normally asked of you via a generic looking email from someone that you may not have ever met.
  4. If you click the link, check the website address in the browser before doing anything else – if you are logging into a Baylor account, you should see Baylor website address in the address bar.

How can I identify a phishing scam?

The first rule to remember: Never give out any personal information in email.

No institution, bank or otherwise, will ever ask for this information via email. It may not always be easy to tell whether an email or website is legitimate, but there are many tools to help find out.

  • In the body of an email, you might see questions asking you to “verify” or “update your account” or “failure to update your records will result in account suspension.” It is usually safe to assume that no credible organization to which you have provided your information will ever ask you to re-enter it, so do not fall for this trap.
  • Any email that asks for your personal or sensitive information should be seriously scoured and not trusted. Even if the email has official logos or text or even links to a legitimate website, it could easily be fraudulent. Never give out your personal information.

Who do I contact if my Baylor account has been compromised?

If you believe your Baylor credentials have been compromised, you must attempt to reset your password immediately. If you’re unable to reset your password, promptly call the Help Desk at 254-710-4357.