Recognizing and Stopping Phishing Scams

Purdue Systems Security would like to remind everyone that it is important to stay vigilant and strive to protect your account and personal information.

Phishing attacks attempt to gain access to your accounts or even scam someone else using the personal information you provide. The attacks are intentionally sneaky and seemingly trustworthy, often appearing to be sent by someone affiliated with Purdue, possibly in your contacts. Be aware that just because an email is from a purdue.edu address does NOT necessarily mean it is legitimate or safe!

Be wary of any emails that request you to:

• Provide or confirm personal information (PUID, password/PIN, banking information, phone number)
• Verify your email
• Reset your career account
• Update your MFA (Multi-Factor Authentication) method
• Prevent account from being deleted
• Purchase a piano
• Apply for a job as a personal assistant
• Immediately read an important document
• Urgently click a hyperlink that does not lead to a purdue.edu website

IT (Information Technology) will NOT ask for your credentials or for you to change your password via email.  You must call the Customer Service Center at (765) 494-4000, visit one of their help desks, or navigate to IT’s website to change your password.

Similarly, the Office of Student Employment does not ask other students or staff to send emails of job offers available across campus. To browse the latest student jobs on campus visit their website.

To report suspicious or malicious emails to the security team, please utilize the Report Message button inside your Outlook client, which can be found in the top banner or by right-clicking an email in Outlook on the web (OWA). You can also report emails directly by forwarding them to abuse@purdue.edu.

To learn more about how to better spot phishing and scams please read through: https://www.itap.purdue.edu/newsroom/2019/190405-How-To-Spot-Phishing.html.