��Ʒ���˸�������

Phishing attacks are becoming more sophisticated—and more convincing. One of the most effective tactics cybercriminals use is familiarity. They craft emails, forms, and websites to look like services you know and trust: your university, Google, or popular tech platforms. Their goal? Trick you into clicking, entering sensitive information, or downloading malicious content.

Here’s how they do it—and how you can protect yourself.

1. Mimicking University Branding

Attackers often impersonate university departments, faculty, or IT support. A phishing email may include:

• Official logos and signatures copied from real university emails
• “From” addresses that look almost correct (e.g., helpdesk@montclair.edu instead of itservicedesk@montclair.edu)
• Urgent language like “Your account will be deactivated” or “Immediate action required”
• Links to fake login pages designed to steal your NetID and password

Example:

Subject: “URGENT: Account Access Suspended”
From: helpdesk-support@universty.edu

“Due to recent activity, your university email account has been flagged. Please verify your identity here: [Fake URL]”

Tip: Hover over links to see where they really go before clicking. If in doubt, go to the MSU website directly.

��Ʒ���˸������� University will never ask for your password or personal information via email. Always verify the sender’s email address before clicking on links or opening attachments.

2. Misusing Google Forms and Docs

Google Forms are a tool many students and staff use for surveys, RSVPs, and class collaboration. Attackers know this—and they use it to their advantage.

• Fake surveys that appear to come from your professor or department
• “Scholarship” or “Job offer” forms asking for your login or personal info
• Docs shared via email that redirect to malicious websites
• Fake login pages asking for your 2FA codes and login credentials
  

Example:

“Dr. Smith has shared a document with you: 2025 Summer Internship Opportunities
Open here: [Google Docs link]”

(The link opens a document with another link to a fake login page.)

Tip: If a form or shared document asks for your username and password, that’s a red flag. Google Forms should never request your login credentials.

3. Using Real Service Names

Phishers regularly impersonate trusted tech platforms like:

• Google (Gmail, Drive, Forms)
• Microsoft (Outlook, OneDrive, Teams)
• Zoom, Dropbox, Adobe, etc.
  
  

They may send fake alerts about:

• “New login from an unknown device”
• “You’ve reached your email storage limit”
• “Voicemail waiting” or “Shared document access”

Example:

Subject: “⚠ Your Google Account Storage Is Full”
Body: “Your Gmail storage has reached 99%. View and manage your files here: [Fake Link]”

Even when the message looks like it’s from Google, it may not be. Look for signs like poor grammar, suspicious links, or mismatched domains.

Tip: Don’t trust an email just because it says “Google” or “Microsoft.” Always check where the link leads and verify alerts through your actual account.

How to Protect Yourself

1. Pause and think. If something feels off, it probably is.
2. Check the sender’s address carefully. Small changes can indicate a fake.
3. Hover over links. Don’t click unless you’re sure it’s legitimate.
4. Don’t enter your password on unfamiliar pages. If prompted unexpectedly, double-check by visiting the official site directly.
5. Report suspicious messages. Use the PAB button to easily report. Can’t find the PAB? Forward the email directly to phishfiles@montclair.edu.

If You’re Ever Unsure, Ask Us

Our Information Security team is here to help. You can use the PAB button or forward the email directly to phishfiles@montclair.edu. We’d rather check and confirm than have someone fall victim to a scam.

If you have any questions or concerns, please feel free to contact the IT Service Desk or your local academic technology team.

Remember: Just because it looks familiar doesn’t mean it’s safe.

Want To Know More?

Bleeping Computer |

Check Point |

Cisco Talos |