Phishing Awareness

Report phishing

To report possible phishing attempts or junk mail, you can use the "Report Message" button within Outlook.  Please refer to this Knowledge Base article on how to use this method to report Junk or Phishing.  Reporting phishing using is only for cases where the button is not available (Mac mail, non-outlook mobile apps, etc.).

If you become aware of a phishing scam, you may also consider filing a complaint with the FBI through their Internet Fraud Complaint Center website or forwarding the email to the Federal Trade Commission and the company being spoofed.

What is phishing?

A malicious attempt to gain personal info

Phishing is an attempt to acquire personal information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.

Communications purporting to be from "Auburn University," popular social websites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by email spoofing and often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Don't become a victim of phishing attempts:

Auburn University will NEVER ask for your account information (username/password) or other personal information via email.

Note: Auburn University cannot be held responsible for users that fall for phishing attempts delivered through the University email system. The Office of Information Technology and Risk Management and Safety encourages you to review this information, understand its importance and become vigilant of phishing attempts.

Phish Tank

Visit our phish tank for examples of the latest threats to the Auburn community.

Alarming statistics

Warning signs

There are often signs that can tip you off that a message may not be what it appears.

If you have or may have fallen for a phishing scam

  1. Immediately change the password to the online account the phishing email was pretending to be from and to any other accounts that used the same login information.
  2. Contact the IT Service Desk at (334) 844-4944 or
  3. Run a virus scan on your system using anti-virus software.
  4. If you believe you may be the victim of identity theft, visit: Federal Commission for Identity Theft
  5. Forward the phishing email "as an attachment" to and then DELETE the message from your Inbox.
  6. Regularly check your banking and credit card accounts for any unauthorized transactions that may have been initiated by the phishers.

Links and references

For avoidance tips, more info and examples try these sites: