Skip to main content
Skip to main content

Phishing Example

Example of a phishing email

 Below is phishing email that was recently sent around WKU. These emails can be very convincing but are NOT sent from WKU, they are an attempt to steal your account credentials. There are usually a few signs that give these away as a `phishing` attempt, explained below the example. If you ever have any question as to the legitimacy of an email or questions about your WKU email account you can call the help desk at 745-7000. If you believe you may have responded to an email like this one please change your password as soon as possible and contact the help desk.

WKU Example phishing email


  • A good sign that this is a phishing attempt is the link itself, it leads to a form that doesn't run on WKU's web servers and only asks for your account NetID and password (called access code):

WKU example phishing link


  • You can see the link goes to a site containing the form below.
  • WKU will never ask you for your account password in a form like this, or any other way.

WKU example phishing form


  • Another good sign that this is a phishing attempt is the warning at the bottom of the message: 

WKU Example phishing warning

  • This kind of warning with an unreasonably short window for response and harsh penalties for non-compliance is intended  to scare you into filling out the form as quickly as possible without considering the source or truth of the message.
  • Note also the poor  phrasing and misspellings in the entire email.

Note: documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view,
download Adobe Acrobat Reader.

Note: documents in Excel format (XLS) require Microsoft Viewer,
download excel.

Note: documents in Word format (DOC) require Microsoft Viewer,
download word.

Note: documents in Powerpoint format (PPT) require Microsoft Viewer,
download powerpoint.

Note: documents in Quicktime Movie format [MOV] require Apple Quicktime,
download quicktime.

 Last Modified 9/24/14