Resources for... William & Mary
William & Mary W&M menu close William & Mary

NCSAM Week 3 - October 17, 2022

There are some simple techniques for identifying phishing emails. Read on to learn how to spot and report phishing emails.

For years, phishers have established credibility by creating email messages that use the same typeface and logos as legitimate organizations. A scam at W&M used a screenshot W&M email login page to try to deceive people. 

Phishers are tricky, but there are ways to put a chink in their chain by looking for some warning signs:

  1. Avoid clicking on links within suspicious looking emails. Phishers have devised ways to mask webpages and URLs to look remarkably legitimate.
  2. Often phishing messages contain grammatical or typographical errors.
  3. Phishers tend not to personalize their emails since they don't usually know their recipients' identities and because they don't even know if the recipient has any affiliation to the organization they're trying to spoof.
  4. Prizes galore, but only in exchange for some of your personal or financial data. Hint: there is no prize.
  5. It's urgent! No, it's not. W&M IT is not going to do any upgrades or changes to your account without notifying you in advance first. Look for announcements in the W&M Digest and on the W&M IT homepage. 

If you've been a victim of a phishing scam, immediately change your password to any at-risk accounts. If it came to your W&M inbox, forward the phish to (for faculty and staff) or report it to Google (students).

Use the Clues - Like a detective, you must find clues to keep your inbox safe from phishing.

Catching a Phish -  Get a behind-the-scenes look at a phishing attack that struck William & Mary and advice on how to keep phishing at bay.

Information Security Team can be reached at

Questions? Contact the Technology Support Center (TSC)
757-221-4357 (HELP) | [[support]] | Monday - Friday, 8:00 am - 5:00 pm