News & Updates

Information Security: Be Aware of Phishing!

By Jerry Tylutki

February 18, 2020

Some of the more common messages begin with a simple one line email message similar to "are you around? I’m out of the office and need you to do something." These messages spoof a sender so the name appears to be someone you know, perhaps your manager. Be aware of the REPLY-TO email address. An alias, the name that the sender appears to be, is easy to manipulate. However, the REPLY-TO email is a telltale sign for phishing messages. 

In these phishing messages, the reply-to address will not be the Hamilton College email address but a random gmail[dot]com email address. Be extremely wary, it could be spoofed to appear as something more relatable, such as username.hamilton[at]gmail[dot]com -- notice how this might appear legitimate at first glance? Make sure you are responding to the person you want to respond to! 

When in doubt, confirm! Call, walk down the hall, or send a new email to a known email address. The goal of this phishing message is to commonly get the person to respond to the email and purchase gift cards for the malicious actor. If you respond to the first message and catch yourself afterward, immediately stop responding to the email thread and notify Jerry Tylutki at security@hamilton.edu.