Avoid Phishing Attacks
Phishing emails look similar to legitimate communications from PSU administration or colleagues, but are actually an attempt by malicious entities to steal your information.
Phishing attacks are designed to fool people into divulging things like Odin account usernames and passwords, credit card details, and other sensitive information. They often appear to be document shared unexpectedly, or ask you to follow a link to a page that looks like an official PSU webpage and enter your Odin account credentials.
Table of Contents
Protect Your Information
If you believe you've received a phishing email, you should take the following steps:
Report the email.
Mark the email as phishing or spam.
Reset your password.
Reset your Password
If you've followed a link in the email and entered your Odin username and password, follow the procedures on Reset Your Odin Account Password to change your password and security questions immediately. If you use your Odin password for any other web services, OIT recommends that you reset the password there as well (for example, if you signed up for Facebook using your PSU email and Odin password, you should also reset your Facebook password).
Report the Email
Forward the email to security@pdx.edu. Your report will be investigate, and will help prevent many others on campus from falling victim to the attack.
Mark the Email as Phishing or Spam
Gmail provides a quick, easy way to mark emails as phishing or spam from within the web client. This will help everyone using Gmail, as it teaches the system which emails to block. To mark an email as phishing, navigate to mail.pdx.edu and follow the procedures in Google's Prevent and Report Phishing Attacks support web page. You should be careful with this feature as it generates alerts which a human review. Only use “report as phishing” if you’re reasonably certain of a malicious intent which impacts the security of your account, or the accounts of others.
You can also mark spam emails using the procedures outlined in Google’s Mark or Unmark Spam in Gmail support web page.
If your contacts tell you that they've received phishing or spam emails from you, ask them to forward a copy of the message to abuse@pdx.edu, and ask them to take the same steps listed above and contact the OIT Help Desk if they have any questions.
Recognize Phishing Emails
The following factors can help you determine if an email that appears to be from PSU is legitimate or phishing: