Top 3 Ways to Avoid Phishing Scams

by Elizabeth Jenike, IT Services

It’s National Cybersecurity Awareness Month, and that means it’s time to review some common ways scammers try to get your personal information -- and how to spot them so you don’t experience the heartache of falling for a phishing scam.

According to ZDNet, 3 billion phishing emails are sent every day. This accounts for 1 percent of all email traffic -- and people fall for these kinds of scams all the time. You don’t want to count yourself in that number. Let’s take a look at some of the ways you can ensure you’re staying safe online and not falling victim to phishing scams:

1. Educate yourself about what a phishing scam looks like

The best defense against phishing scams is education -- and learning how to spot scams from a mile away is a great strategy for keeping your information out of the hands of these malicious actors. Here are some quick questions to ask:

Who is the email from? If the signature indicates that the missive was sent from someone at Miami, but the actual “from” box doesn’t match the server, that’s suspect.

What does the email want me to do? If someone is asking you to provide personal details, such as Social Security numbers or bank account routing information, chances are it’s a scam. That goes double if it’s the University president requesting this data. We promise, President Crawford will never (ever) ask for your SSN via email (or otherwise, for that matter).

Check the grammar. Oftentimes, these emails are written poorly, riddled with typos and grammatical snafus.

Read more about avoiding scams on the Cybersecurity and Infrastructure Security Agency site.

2. Don’t click that suspicious link!


If you get an email requesting information that already looks suspicious, don’t click any links that appear in that message. Often, clicking these links will download malicious content to your device and can result in a ransomware attack or worse.

In truth, when you’re online, you’re vulnerable. Practice safe internet browsing by always using an encrypted network (and, if that’s not available, use the virtual private network (VPN) so Miami’s network can keep you safe), staying away from pop-up ads, and keeping your sensitive information close to the chest -- that includes your Social Security number, bank account information, and health care information.

3. Be aware -- your boss will never ask for your password

Business email compromise (BEC) scams accounted for $1.8 billion lost by businesses in 2020 -- which amounted to 37 percent of all losses. These nefarious schemes often involve someone spoofing a high-ranking person’s email account and messaging someone who works for that person to ask for account numbers, password details, and other sensitive information.

Your boss will never ask for your password. They don’t need it. They also will not ask for your bank account information and won’t ask you to send them gift cards. Period.

One way to spot a scam and make sure you’re actually speaking to your boss -- if you receive a suspicious email, just give that person a call. “Did you send me this note?” If they did, they should be able to give you context. If not, you know you have a scammer on your hands.

Stay vigilant

You have the power to prevent phishing attacks -- just educate yourself on the finer points of phishing scams. The Miami community as a whole is fairly good at pointing out phishing emails -- don’t forget you should forward these messages to so our Information Security Office can investigate them.

October is NCSAM

Each October, we celebrate National Cyber Security Awareness Month by publishing safety tips, reminding Miami to stay vigilant in their internet use habits, and keeping everyone in the know about current scams. Check IT News for more information about staying Cyber Aware as NSCAM continues.

And remember: “Do Your Part. #BeCyberSmart.”