As a college, we often experience phishing email cyber attacks. You will likely receive some during your time here, so we want to help you learn what to look out for. The key is to be mindful of what you share and click.
We've recognized and stopped most, but some have succeeded. One stole straight from a YCP employee's direct deposit, after claiming they wanted to change their bank info for the next payroll. Another used ransomware to steal and withhold a YCP student's work and personal info; she was forced to pay a hefty fee before getting her content back.
Please be highly suspicious of any emails that ask you to click a link, change an employee or student record, or send money or gift cards. Contact us if you see any such thing.
Spot a phishing email
- Mismatched email address - Ensure that the email address displayed in the From: section matches the sender’s name and email address. Every employee should be using their @ycp.edu email address to communicate with other employees.
- Urgent request - Phishing attacks will attempt to rush you into taking action before you can verify the request. They appear to come from a person or department with authority, such as Human Resources, the president, or a dean.
- Bad spelling or grammar - Often, these scams are thrown together quickly and/or from abroad.
- Generic signature line - Emails from YCP employees usually have a signature line at the bottom, with a name you can verify and valid contact information.
- Unexpected request - Demands for employee or student information, or requests to purchase gift cards.
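For readers who want to see how three of these checks (mismatched address, urgent request, unexpected request) could be automated, here is an added example that is not part of the original page or of any YCP tooling. The keyword lists and both sample messages are constructed for illustration; only the @ycp.edu domain comes from the text above.

```python
import re
from email import message_from_string
from email.utils import parseaddr

CAMPUS_DOMAIN = "ycp.edu"  # from the page: employees write from @ycp.edu
# Keyword lists are constructed for this example (assumptions, not a YCP rule set).
AUTHORITY = ("human resources", "president", "dean", "ycp")
URGENT = re.compile(r"\b(urgent|immediately|right away|asap)\b")
UNEXPECTED = re.compile(r"\b(gift cards?|direct deposit|bank info)\b")


def phishing_indicators(raw_message: str) -> list[str]:
    """Return the checklist indicators that a raw (non-multipart) email triggers."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}".lower()

    found = []
    # The name claims a campus role, but the address is not on the campus
    # domain. An exact match also rejects lookalikes such as ycp.edu.example.
    claims_campus = any(word in display_name.lower() for word in AUTHORITY)
    if claims_campus and domain != CAMPUS_DOMAIN:
        found.append("mismatched email address")
    if URGENT.search(text):
        found.append("urgent request")
    if UNEXPECTED.search(text):
        found.append("unexpected request")
    return found


# Constructed sample messages (not real emails).
SAMPLE_PHISH = """\
From: "Dean of Students" <dean.office@ycp-edu.example>
To: student@ycp.edu
Subject: Urgent request

I need you to buy gift cards immediately and send me the codes.
"""
SAMPLE_OK = """\
From: "LTS Help Desk" <LTShelp@ycp.edu>
To: student@ycp.edu
Subject: Password reminder

Your password expires in 30 days.
"""

if __name__ == "__main__":
    for label, raw in (("phish", SAMPLE_PHISH), ("ok", SAMPLE_OK)):
        print(label, phishing_indicators(raw))
```

A match is a reason to verify the request with the sender, not proof of phishing, and spelling and signature quality still need a human read.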
If you receive a suspicious email...
- Verify the request - Look up the sender in the directory then ask them if their request is valid.
- Contact us - Forward the email to LTShelp@ycp.edu. Please let us know whether you took any actions from the email or provided any information.
- Report it to Google
- Delete the message - After you forward the message to us, we'll have all we need to investigate.
Learn more
Google Calendar Phishing:
Google Workspace calendar phishing involves attackers sending fake calendar invitations with malicious links to trick users into revealing personal information. To stay safe, do not click anything in the invitation and report it as spam before deleting it. You can also prevent future invites by changing your Google Calendar settings to automatically add invitations to your calendar only if the sender is known or when you respond to them.
Immediate actions to take
- Do not interact: Do not click links, call phone numbers, or respond to the event (Accept, Decline, or Maybe). Declining confirms your email is active and can lead to more spam.
- Report as spam: Open the event, click "More" (three dots), and select "Report as spam". This helps Google improve its spam filters.
- Delete the event: After reporting, delete the event from your calendar.
Preventative measures
- Change your settings: Go to Calendar Settings (gear icon) > Event Settings.
- Adjust "Add invitations to my calendar": Change the dropdown menu from "From everyone" to "Only if the sender is known" or "When I respond to the invitation in email".
- Be cautious: Even with stricter settings, always be wary of unfamiliar or suspicious invitations.
Why this is a threat
- Bypass spam filters: Attackers send invites that may bypass email spam filters, but the event can still appear directly on your calendar.
- Use calendar integration: This method takes advantage of Google Calendar's functionality to get events onto your calendar, even if the email is filtered out.
- Exploit user behavior: Scammers rely on users clicking on the event to investigate, which leads them to fake login pages or other malicious content.
Still having trouble or feel like you are compromised?
Submit a Ticket Here