- Security Home
- Security Staff
- Send Files Securely
- Safe Computing
- File Sharing
- WKU Phish Bowl
- International Travel
- IT Security Bulletin
- Annual HEOA Notice
- Security Awareness Training
- PCI at WKU
Example of a phishing email
Below is phishing email that was recently sent around WKU. These emails can be very convincing but are NOT sent from WKU, they are an attempt to steal your account credentials. There are usually a few signs that give these away as a `phishing` attempt, explained below the example. If you ever have any question as to the legitimacy of an email or questions about your WKU email account you can call the help desk at 745-7000. If you believe you may have responded to an email like this one please change your password as soon as possible and contact the help desk.
- A good sign that this is a phishing attempt is the link itself, it leads to a form that doesn't run on WKU's web servers and only asks for your account NetID and password (called access code):
- You can see the link goes to a 123contactform.com site containing the form below.
WKU will never ask you for your account password in a form like this, or any other way.
- Another good sign that this is a phishing attempt is the warning at the bottom of the message:
- This kind of warning with an unreasonably short window for response and harsh penalties for non-compliance is intended to scare you into filling out the form as quickly as possible without considering the source or truth of the message.
- Note also the poor phrasing and misspellings in the entire email.
Note: documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view,
download Adobe Acrobat Reader.
Note: documents in Excel format (XLS) require Microsoft Viewer,
Note: documents in Word format (DOC) require Microsoft Viewer,
Note: documents in Powerpoint format (PPT) require Microsoft Viewer,
Note: documents in Quicktime Movie format [MOV] require Apple Quicktime,