Facebook Pixel ITS - Phishing | Western Kentucky University

Phishing Information

Phishing is a common scam that attempts to lure you into giving up your username, password, or other sensitive information by masquerading as someone you know and trust. This can be done by phone, but is typically done in email. The email may appear to come from WKU or another company you do business with, and it often asks you to click a link, open an attachment, or reply with your account or personal information.

What is Phishing? Video Preview


Additional information


Tips to Spot Phishing

  • Be suspicious of email that alerts you to problems with your account, is labeled “Urgent”, or requires “Immediate Action”.
  • Be suspicious of attachments and only open those that you were expecting.
  • Be suspicious of email from a friend or colleague that looks odd or out of place.  If their email account has been compromised by an attacker, it could be used to send phishing email.
  • Examine from “From:” email address.  Often the “Display Name” will say something that looks familiar, but the underlying email address (with the “@” sign) is obviously foreign or nothing you recognize.
  • Examine the underlying URL on any links.  Regardless of how the link is labeled in the email, the underlying link on a Phish email will usually not be a “wku.edu” address.  
  • If you click on a link be sure to look at the address bar of your browser.  If the domain does not end in wku.edu you are not on a WKU page.

If you are uncertain about the authenticity of a WKU email, please contact the ITS Service Desk.


Reporting Phishing

  • If you receive a phish that targets WKU (asks for your NetID, references your WKU accounts, impersonates WKU), use the Report Message action in the Outlook client.
  • If you receive a phish that targets a company, please consider reporting it to them.
  • Consider reporting the phish to the Anti-Phishing Working Group, an organization dedicated to fighting phishing and cybercrime.

Once you report the message, it is important that you delete it immediately.


Information for Victims

If you responded to a phishing message, take the following steps to protect yourself and others:

If you are a WKU employee

  1. Contact IT Support
    WKU employees are required to report their responses to phishing messages to the ITS Service Desk. It is essential that you tell us whether or not you released any WKU institutional data or personal information about WKU faculty, staff, students, or alumni.
  2. Change your NetID password
    If you responded with your NetID username and password, please immediately change your NetID password.
  3. Report the phishing message
    Please see the information regarding reporting.

If you are a WKU student

  1. Change the appropriate passwords
    If you responded to a phish with your TopperMail username and password, please follow these steps.  If you responded with your NetID username and password, please immediately change your NetID password. If you are unsure about any part of this process, please contact the ITS Service Desk.
  2. Report the phishing message
    Please see the information regarding reporting.

If you believe you are the victim of identity theft

  • Contact your local authorities to file a police report.
  • Refer to the FTC website on repairing identity theft.
  • Obtain your credit reports from Equifax, TransUnion, and Experian and place them on a "Fraud Alert."  Consider a "Security Freeze" on your credit, which is stronger than a fraud alert but prevents 3rd party access to your credit report.  Consult with one of the three credit agencies for more details.
  • Consider a credit monitoring service.
  • Close any accounts, particularly financial accounts, that might be affected.


Phishing Examples

To see some general examples of phishing attempts, click here.

Phishing Example


Need Assistance?

The WKU ITS Service Desk is here to help. Give us a call, chat with a representative online, use the Self-Help Knowledge Base and more.

Get Help

Some of the links on this page may require additional software to view.

 Last Modified 12/2/22