Information Technology Services

Contact Information Security Services

Email:
phishing@nau.edu
Call:
(928) 523-3335

Unsure about an email?


Report a suspected phish to NAU's Cybersecurity team by forwarding the email to us.

Email Phishing


Report a Phish

If you caught a phish, or think you’ve caught a phish, report it by forwarding it to phishing@nau.edu. After you report the suspect email, please delete it while we investigate and remediate malicious emails.

Have questions? Concerns? Feedback? Keep reading for more information.


General Phishing

What is phishing?

Phishing is an attempt by a malicious entity to acquire sensitive information such as usernames, passwords, and financial details by masquerading as a trustworthy source in an email or other electronic communication. The goal is to steal your data, access University systems, or install malware.

How do I know I’ve received a phish?

Many phishing attempts will request that you take action by clicking a link or performing a strange action, such as sending a gift card or personal financial details. However, phishing has gotten more advanced; phishing emails are no longer easy to spot or comical in their demands (your Nigerian Prince is not going to send you money). Modern phishing attempts are well executed and getting harder and harder to spot.

This is to say, you may not know. If you are ever unsure, you can have us check the email for unusual behavior by reporting it.

I think I clicked on something I shouldn’t have, now what?

First, don’t panic. Many times, quick reporting can help mitigate the negative impacts of the accidental click. Then:

  • Close the browser.
  • Report it.
  • Change your password if you shared it.
  • If you are receiving unsolicited Two-Step Verification push notifications, contact the ITS Service Desk for assistance in recovering your account.
  • If you notice any unusual downloads or unexpected behavior on an NAU-supported device, contact the ITS Service Desk to have it evaluated.

What could happen if you fall for a phish?

If you click on a phishing link, or open a malicious attachment, several things can happen:

  • Your personal information may be stolen. Phishing attacks often involve tricking people into entering their personal information, such as login credentials, DUO authentication codes, credit card numbers, etc., into a fake website. If you provide this information to the bad actors, it can be used to steal your identity, commit fraud, or for other malicious purposes.
  • Malware can be installed onto your device. Phishing emails may contain links or attachments that, when clicked, can download malware onto your device, which can take control of your device, spy on you, steal your work or personal information, or use your device to continue spreading the attack.
  • Your accounts can be compromised. If you enter your login credentials or DUO authentication codes into a fake website, the bad actors can use that information to log into your actual accounts and take them over, which can lead to theft of your work or personal information and even cause financial loss.
  • Your device can be locked or encrypted. Some phishing attacks involve ransomware, which can lock or encrypt your data, or data you have access to, and demand a payment to unlock the data or to prevent its public disclosure.

Clicking on a phishing link or opening a malicious attachment can have serious consequences for you, your department, and NAU.  It is important to always be cautious and verify the authenticity of emails and links before clicking on anything.

Common phishing signs

  • The message is poorly written; it may contain strange grammar and spelling.
  • Requests that you provide personal information such as your NAU password, credit cards, bank accounts, phone numbers, addresses, etc.
  • The email contains a strange attachment you weren’t expecting.
  • Attempts to scare the recipient by creating a sense of urgency by threatening to close accounts, overdraw funds, etc.
  • Offers for jobs, awards, or other incentives that are too good to be true.
  • The ‘from’ address doesn’t seem correct, or does not match the domain the message was sent from.
  • Requests for money or donations.

*It’s important to note that even if an email doesn’t contain these indicators, it may still be a phish!


Real Examples of Phishing at NAU

Example of a fake CAS login page

This login page looks authentic, but closer inspection shows it is fraudulent. The domain address (everything before the ‘slash’, or ‘/’) ends in ‘.com’ instead of ‘nau.edu’. A user who is in a hurry or careless can see the ‘nau.edu’ elsewhere in the address and overlook this. It is a cheap trick used by cyber-criminals, but it is still very effective against an inattentive user.

Fake NAU login page with the domain ending in .com, and not nau.edu.

Always check the URL of any site that you intend to enter your NAU credentials in. The best cybersecurity defense is your own perception.

Example of a fake DUO page

Using what was shown in the previous example, we can see that this DUO prompt is fraudulent based on the domain in the URL, which ends in ‘.com’ instead of ‘nau.edu’. Again, the attackers attempt to catch users off-guard by including ‘nau.edu’ after the slash.

NAU users should also be able to recognize that this isn’t what our NAU DUO page currently looks like. This is an outdated DUO page, with only one option for authentication. NAU also does not provide a ‘remember me for 90 days’ option.

A fake DUO prompt, with a domain ending in .com, and the incorrect interface.

If an NAU user were to enter their user ID and password, followed by their DUO one-time password, they would be granting a cyber-criminal full access to their financial account, direct deposit, social security, tax information, addresses, and more.
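The check both the fake CAS and fake DUO examples above come down to (the host is what sits before the slash, not wherever ‘nau.edu’ appears), written out as an added example that is not NAU's code. The function name `classifyUrl` and all sample URLs are constructed for illustration, and the check goes slightly beyond the page's case by also rejecting hosts that merely contain or end with the trusted name.

```javascript
const TRUSTED_DOMAIN = "nau.edu"; // the only value taken from the page

// Classify a URL by its real host, not by where the trusted name appears.
function classifyUrl(raw, trusted = TRUSTED_DOMAIN) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { verdict: "invalid", host: null };
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { verdict: "invalid", host: null };
  }
  // URL() lowercases the hostname; drop a trailing root dot before comparing.
  const host = url.hostname.replace(/\.$/, "");
  // Exact match or a true subdomain. The leading dot matters: a bare
  // endsWith("nau.edu") would also accept a host such as "notnau.edu".
  if (host === trusted || host.endsWith("." + trusted)) {
    return { verdict: "trusted", host };
  }
  // The host is not trusted, so any "nau.edu" elsewhere in the address
  // (after the slash, or as a label of another domain) is only decoration.
  const decoy = raw.toLowerCase().includes(trusted);
  return { verdict: decoy ? "lookalike" : "other", host };
}

// Constructed sample URLs; none of these hostnames come from the page.
const SAMPLES = [
  "https://example-service.nau.edu/login",
  "https://secure-login.example.com/nau.edu/cas/login",
  "https://nau.edu.example.com/login",
  "https://www.example.org/news",
];

// One summary line per URL: verdict, real host, original address.
function report(urls = SAMPLES) {
  return urls.map((u) => {
    const { verdict, host } = classifyUrl(u);
    return `${verdict.padEnd(9)} host=${host}  ${u}`;
  });
}

console.log(report().join("\n"));
```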


Report Phishing


What should I do if I receive a phishing scam?

If you receive a phishing scam, don’t respond to it, click on links, or open attached files. Easily report a phish by forwarding a suspicious email to phishing@nau.edu.

If you believe your NAU account was compromised, immediately change your password, and contact the ITS Service Desk.

How do I report?

While you are viewing the suspicious email, you can forward it to phishing@nau.edu. If there were attachments on the email, ensure they are attached.

We are no longer requesting headers or asking University Community Members to use our retired Report a Phish application.

Is it safe to forward the phish?

Yes, if you forward it to phishing@nau.edu. This mailbox is specifically set up to allow NAU’s security team to safely examine and evaluate suspicious emails.

No, if you forward it to your supervisor, co-workers, or other University Community Members. While it can be tempting to warn your coworkers or ask them if they think it is a phish, forwarding the potentially malicious email can cause it to spread further and faster.
You should not forward or share suspected phishing emails with any address other than phishing@nau.edu.

What if I’m wrong?

After reviewing the reported email, we’ll let you know if we do not evaluate the email to be an active threat and thank you for your report. It is far easier to proactively check an email for suspicious behavior than it is to clean up accounts and devices after a University Community Member has clicked on a bad link.

Why should I report?

If you were walking down the hallway and saw a potential tripping hazard or spill that you couldn’t clean up yourself, you would call it in. Facility Services would then come out and make that spot in our University safe again.

Reporting potential email hazards (phishing) enables our Security Operations Team to clean up that spot in our University systems.

By reporting phishing emails you make NAU safer for all of our Community Members.

If you have any other questions, comments, or feedback you can reach us by opening a ServiceNow Ticket.

 

Location
Building 54
Information Technology Services
1301 S. Knoles Drive
Flagstaff, AZ 86011
Mailing Address
PO Box 5100
Flagstaff, AZ 86011
Email
ask-its@nau.edu
Phone
928-523-3335
888-520-7215