Avoid Phishing Attacks

Owned by Max Parmer
Last updated: Oct 22, 2024
4 min read

Phishing emails look similar to legitimate communications from PSU administration or colleagues, but are actually an attempt by malicious entities to steal your information.

Phishing attacks are designed to fool people into divulging things like Odin account usernames and passwords, credit card details, and other sensitive information. They often appear to be document shared unexpectedly, or ask you to follow a link to a page that looks like an official PSU webpage and enter your Odin account credentials.

Table of Contents

Protect Your Information

If you believe you've received a phishing email, you should take the following steps: 

  1. Report the email.

  2. Mark the email as phishing or spam.

  3. Reset your password.

Reset your Password

If you've followed a link in the email and entered your Odin username and password, follow the procedures on Reset Your Odin Account Password to change your password and security questions immediately. If you use your Odin password for any other web services, OIT recommends that you reset the password there as well (for example, if you signed up for Facebook using your PSU email and Odin password, you should also reset your Facebook password).

Report the Email

Forward the email to security@pdx.edu. Your report will be investigate, and will help prevent many others on campus from falling victim to the attack.

Mark the Email as Phishing or Spam

Gmail provides a quick, easy way to mark emails as phishing or spam from within the web client. This will help everyone using Gmail, as it teaches the system which emails to block. To mark an email as phishing, navigate to mail.pdx.edu and follow the procedures in Google's Prevent and Report Phishing Attacks support web page. You should be careful with this feature as it generates alerts which a human review. Only use “report as phishing” if you’re reasonably certain of a malicious intent which impacts the security of your account, or the accounts of others.

You can also mark spam emails using the procedures outlined in Google’s Mark or Unmark Spam in Gmail support web page.

If your contacts tell you that they've received phishing or spam emails from you, ask them to forward a copy of the message to abuse@pdx.edu, and ask them to take the same steps listed above and contact the OIT Help Desk if they have any questions.

Recognize Phishing Emails

The following factors can help you determine if an email that appears to be from PSU is legitimate or phishing:

OIT employees will never ask you for your password. You should be suspicious of any email that asks you to provide login information.

Phishing scams often rely on alarming (but false) statements to incite an immediate reaction from recipients. This could include warnings that your accounts will be suspended/deleted, that a delivery of goods/money is waiting for you, or that your information has been compromised elsewhere and needs to be verified.

Phishing and other untrustworthy emails can often be identified by their incorrect grammar or spelling. Many times these types of emails are not written in clear, professional English. Examine the content of these emails for strange, unnatural wording. This can be a sign that the email is not an official PSU communication.

If the email contains links to other pages that ask for information, hover over the link and check the bottom of your browser window to examine where the link will take you. Secure PSU login pages will have URLs that begin with "https://" (for example, https://oam.pdx.edu or https://sso.pdx.edu). If the URL looks strange to you, do not follow the link. Reference Understand Web Addresses for more information on URLs.

If you've already opened the link in the email, examine your browser's address bar. Secure PSU pages will display either a green padlock or a green bar to the left of the URL that says "Portland State University". If you select on this green bar, it will display detailed information about the website's verified identity.

Do not enter your Odin credentials on any page that does not display either a green padlock symbol or a green bar in the browser's address bar. (Note: Mobile browsers may display a padlock image and the name "Portland State University" in green text above the address bar instead of a green bar.)