the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers
Phishing is an illegal way that criminals gather private information for the purposes of sending spam, sending phishing e-mails, logging onto university systems and in some cases commit identity theft. They use fake emails to trick people into submitting their personal information such as Social Security numbers, passwords, credit card numbers and bank accounts.
Spear phishing targets individuals or an organization.
Instead of clicking on any link in a suspicious email, type in the URL, or do a search on the apu.edu website for the relevant department or page. Even though a website and/or URL in the email looks lreal, criminals can mask its true destination.
Keep your information private
NEVER give out your passwords, credit card information, social security number, or other private information through email.
Pick up the phone
If you have any reason to think that a department or organization really needs to hear from you, call them to verify any request for personal or sensitive information or requesting you purchase gift cards for them. Emails that say "urgent!", use pressure tactics or prey on fear are especially suspect.
Use secure websites
Always check if you are on a secure website before giving out private information. You can determine whether a website is secure by looking for the "https://" rather than just "http:" in the Web address bar or for the small lock icon in the internet browser.
Pay attention to security prompts
If your browser cannot validate the authenticity of the website's security certificate, you will be prompted. This is frequently a telltale sign of fraud, and it would be a good time to pick up the phone or report a suspicious message.
Keep track of your data
Regularly log onto your online accounts and make sure that all your transactions are legitimate.
Review your account statements.
Reset any account passwords that may have been compromised.