Trinity Logo
Students  Alumnae/i  Faculty/Staff
Technology Services | Phishing ABC’s

How to Spot a Phisher

What is phishing?

Phishing is a form of social engineering which attempts to acquire sensitive information, such as usernames, passwords, and bank account details by pretending to be from a trusted person or part of a trusted group.

How does it spread?

Phishing is typically spread electronically through email, instant messaging or social media websites. It often directs users to disclose private information at a fake website whose look and feel are almost identical to a legitimate one. Phishers may also target individuals through phone calls.

What does a phisher ask for?

A phishing attack will attempt to have you disclose any of the following private information:

  • Your username & password
  • Your bank account or card number
  • Personally identifiable information, such as your date of birth, social security number or address
  • Confidential information (ie – student record or financial information)

What does a phisher do with my information?

A phisher typically uses your account for illegitimate purposes. This may include logging into your email to send spam, accessing confidential data, performing identity theft, or even withdrawing money from your bank account!

How do I protect myself against phishing?

Technology Services recommends taking the following precautionary measures to protect yourself against phishing:

  • Change your password regularly! View our login information for more details.
  • Ask yourself whether you should be sharing the information requested.
  • Before clicking on a web link, inspect it.
  • When in doubt, delete the message.

What do I do if I fell victim to a phishing attack?

If you have disclosed your login or other sensitive information at any time, change your password immediately! Following, notify Trinity ITS for further assessment.

Phishing Example

The message below is a phishing attempt received by a Trinity employee. The message, signed by the “IT Department” is requesting to activate the usage of “network services such as email and internet.” Trinity ITS will never ask to activate services, or require your username and password.

Screen capture of an example phishing email

This message exhibits the following typical characteristics of a phishing attempt:

  • The sender, Irwin Jake, and email address,, is not someone the Trinity employee has associations with.
  • To: address is blank, or sometimes includes someone else’s name.
  • The subject is suspicious, reading Dear Staff,.
  • Vague message content with grammatical errors. Trinity ITS proof-reads campus-wide notices prior to distribution and never asks for service activations.
  • Hovering the mouse cursor over the suspicious Click Here link reveals a URL not part of the domain.
  • Message footer does not comply with Trinity ITS’ email footer.

While not all phishing attempts exhibit the above characteristics, Trinity ITS recommends being mindful of these when handeling electronic communication to safeguard your account and prevent sensitive information from being in the wrong hands.

For best service, contact Technology Services using our online Service Request Form. You can also contact us at 202-884-9811. The Technology Services office is located on the first floor of the Payden Academic Center, Suite 122.



Student Services

Campus Services

About Trinity