Information Security
  /  
Security Incidents
Phishing E-mail Attempts

The University uses the Email Defense System to scan and filter phishing attempts, junk email, viruses, and malicious high-risk attachments.

Despite best security efforts, phishing attacks can still occur. The consequences of responding to phishing emails can be devastating to the individual providing the personally identifiable information and to the University as a whole.

Do not click on any links, open any attachments, or respond to emails you suspect are a phishing attempt.

Identifying a Phishing attempt

Check out the How to Identify a Fraudulent Email Scam video on the NUIT Communications YouTube Channel for more information on how to spot phishing email scams. And review the Information Security section on the McCormick website for more information on Protecting Your Information and Identity.

Northwestern will never ask for personally identifiable information, such as passwords, Social Security numbers, or account numbers. Official @northwestern.edu email accounts should be used to conduct University business; not unauthorized Gmail accounts.

Reporting a phishing attempt

If you think you’ve received a malicious email, check to see if the phishing attempt has already been reported. Then, forward the suspect email along with the email headers to your McCormick local IT support or security@mccormick.northwestern.edu so that the message can be blocked if it is identified as an attack. Finally, delete the email from your mailbox.

If you have responded to a suspected scam e-mail, you should reset your NetID password as soon as possible and contact your McCormick local IT support.