See a link?
You could compromise your academic, personal or financial data by clicking too fast. Phishing is an online scam involving emails with a clickable link that appears to be from a trusted source.
Who sent the link? Why do I need to click the link? Where does the link go? How else could I take the same action? Learn how to identify the signs of phishing.
Stop and think!
Who sent the link?
Is the email containing links from a teacher, business unit of the university, fellow classmate, friend or even a family member? Do you know the sender? And did you expect to receive an email from them?
Why do I need to click the link?
Is the email asking you to click a link to update personal information? Are you being asked to visit a website?
Where does the link go?
Are there grammar issues in the email or link? Typos? Does the text of the link match the destination?
How else could I take the same action?
Could you visit a trusted website without clicking the link in the email? Could you call the sender?
By clicking a phishing link, you may compromise your WMU Bronco NetID and allow access to change your personal data within GoWMU. You could also allow viruses or other malware to infect your computer. If you have any questions about whether or not the message you received is phishing, contact the Technology Help Desk.
Recent Phishing Attempts
Visit the recent phishing page to view examples of phishing messages that have been received at Western Michigan University. They are posted as they are received, however do not assume that because the message you received has not been posted there (yet), that it is safe to assume it is a valid message. If you receive a message that appears to be a phishing attempt, always hover your mouse pointer over the link it contains to see where it will actually take you if you click it. On a mobile device you can long press the link to view the destination. If the actual URL does not match the displayed link text, do not click it. Forward the message as an attachment to firstname.lastname@example.org and then flag the message as "Phishing" in your email. Learn how to forward the message as an attachment.