Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by pretending to be a trustworthy entity in an electronic communication.

Phishing attacks are on this rise—don't fall for their bait! Remember: George Mason University will never ask for your personal information over email.

Articles about phishing are available in the ITS knowledge base.

Tips to Avoid Being Caught

Recognize generic communication

General greetings such as ‘Dear User,” “Dear Gmu Student/Faculty,’ or ‘Email user’ are for mass mailings. Those greetings are not signs of a personal or business relationship and ought to signal caution, so be suspicious of the vague salutation.

Be wary of requests for confidential information

Do not share passwords, Two-Factor Authentication codes, or account details.

Question ‘scare tactic’ messages

Threats about account closures, account sizes exceeding limits, and loss of access are fraudulent warnings.

Avoid clicking active links without verifying

Links in fraudulent emails can hide actual addresses. Some links will download spyware or malware.

Keep software up-to-date and perform regular scans

Software updates often contain patches that will block malicious programs. Anti-virus, spyware, firewall, and antispam help protect against threats.

Delete emails from unknown addresses

When in doubt about the legitimacy of a request, follow up by using one of two safety protocols: log onto the website directly by typing the main address in your browser or call the company on the phone.