Phishing Attacks: Don't Take the Bait!

What is phishing?

Phishing scams are fraudulent email messages that appear to come from legitimate sources (e.g., Oxy, your bank, or your Internet service provider). Usually, the messages direct you to a fake website or otherwise attempt to get you to divulge private information (e.g., password, credit card info, or other account details). The perpetrators then use this private information to commit identity theft.

What to LOOK FOR

  1. Wrong names: your name, the organization's name, or a group within the organization's name. 
  2. Misspelled words and/or bad grammar.
  3. Incorrect or suspiciously complicated URLs.
  4. From a wrong or unknown email address.
    email icon with fish hook

    Is it a Phish? Drop us a line.

    Please forward the message to and then delete it from your email.

    Example of a phishing email:

    In this phishing attempt, the email came from "Oxy - Public Health" and cited "Occidental College Public Health Care" which is not an office that exists at Oxy. The phone numbers listed were not actual Oxy phone numbers, and though the email address it came from had at the end, it too, was fake. 

    If the organization's name and/or email address are not 100% accurate, delete the email. You can always call or visit the department to ask if you're not sure about an email.

    Be aware of links that could navigate to a very good copy of our login page. The sender is hoping you will enter your username and password to steal your credentials. Always double-check the URL of every login page before you enter your information.

    Example of a phishing email

    A. The department and email addresses in this email are fake and do not exist at Oxy.

    B. Warnings like "authentication is required" are common and are intended to get you to not look too closely at the login page they direct to.

    C. These phone numbers do not belong to Oxy and the email address in the footer does not match the sender email address.

    D. Hover over links before clicking to see where they take you. The link URL will appear at the bottom of the window as shown above.

    What to DO

    Even messages purporting to come from the ITS Helpdesk, ITS staff, or any Oxy employee could be faked, or the account could have been compromised. Especially if the message contains a threat (losing access to your email or another account) or urges an immediate response, type the URL for the service directly into your browser, or go to the homepage to find the my.oxy login link.

    It is possible to spoof an email address or for an account to be compromised and used to send out phishing emails, so if you didn't expect an email of this nature from this person or account, don't click on the link.

    Hover over the link (don't click!), or for a touchscreen, lightly press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window or the menu pop-up on an iPhone.) Don't click on a link unless it goes to a URL you trust.

    Verify the link in your browser bar before entering Oxy credentials! You should see a known URL. A few tactics that phishing attempts may employ are:

    • Hiding the real link in the email: using "Click here" or even displaying a URL such as "" when the underlying URL is pointing somewhere else.
    • Using a URL that's close to but not the actual URL - for example, using .net if the company's site is .org or .com.
    • Redirecting the URL to another site

    More phishing examples

    We have noticed several phishing schemes directed at Oxy including:

    • Blackmail attempts involving Bitcoin.
    • Emails falsely representing Oxy community members.
    • Alerts falsely notifying you of account breaches.
    Contact ITS
    Academic Commons

    1st Floor, Suite 116