Report Phishing and other potentially Malicious emails using one of the methods below.
Options for reporting Malicious Emails
- (Primary Reporting Tool)
Use the "Report Suspicious Email" button for Ninjio found in Outlook.
- Ninjio will ask "Would you like to report this email?"
- Ninjio will advise "The email was successfully reported. Thank you for your cooperation!"
- Ninjio will remove the specific email you reported and an email will be received from "no-reply@goninjio.com" advising that "Reporting suspicious messages helps prevent malicious attacks on you and VolState. The message will be reviewed and you will be notified by the Cybersecurity Team."
- Potential replies from reporting through Ninjio may include:
- The email was found to be spam! It was moved to the deleted items folder. Please do not click the links or download the attached files.
- The email was found malicious, please delete it from your inbox and don't forward it to other users. Please do not click the links or download the attached files.
- The email was found clean, you may use it in case you need it.
- (Secondary Reporting Tool)
Forward the email to abuse@volstate.edu.
- Call the IT Help Desk at (615) 230-3302, or from a campus phone at x.3302, to review the contents of the email safely.
A list of suspicious emails and recently identified phishing emails can be found through the My Vol State Portal by selecting the "IT Phish Bowl".
If you are not sure what constitutes a Phishing or Malicious email, you can read the information listed below.
Phishing explained
Phishing scams are typically fraudulent email messages appearing to come from legitimate enterprises (for example, your college, your Internet service provider, your bank). These messages usually direct you to a spoofed website or otherwise get you to divulge private information (for example, pass phrase, credit card, or other account updates). The perpetrators then use this private information to commit identity theft.
One type of Phishing attempt is an email message stating that you are receiving it due to fraudulent activity on your account, and asking you to "click here" to verify your information.
Phishing scams are crude social engineering tools designed to induce panic or reward in the reader. These scams attempt to trick recipients into responding or clicking immediately, by claiming they will lose something (for example, email, bank account) or gain something such as gift cards, jobs, or prizes. Such a claim is always indicative of a Phishing scam, as responsible companies and organizations will never take these types of actions via email.
Specific types of Phishing
Phishing scams vary widely in terms of their complexity, the quality of the forgery, and the attacker's objective. Several distinct types of Phishing have emerged.
Spear Phishing
Phishing attacks directed at specific individuals, roles, or organizations are referred to as "Spear Phishing". Since these attacks are so pointed, attackers may go to great lengths to gather specific personal or institutional information in the hope of making the attack more believable and increasing the likelihood of its success.
The best defense against spear Phishing is to carefully, securely discard information (that is, using a cross-cut shredder) that could be used in such an attack. Further, be aware of data that may be relatively easily obtainable (for example, your title at work, your favorite places, or where you bank), and think before acting on seemingly random requests via email or phone.
One commonly used example of Spear Phishing: the attacker creates a Gmail account under the name of a manager and then sends emails to subordinates asking them to do a favor. After the recipient responds, the attacker asks the person to go to the store and buy gift cards.
Whaling
The term "Whaling" is used to describe Phishing attacks (usually Spear Phishing) directed specifically at executive officers or other high-profile targets within a business, government, or other organization.
Avoid scams
To guard against Phishing scams, consider the following:
- Volunteer State Community College and other reputable organizations will never use email to request that you reply with your password, full Social Security number, or confidential personal information. Be suspicious of any email message that asks you to enter or verify personal information, through a website or by replying to the message itself. Never reply to or click the links in such a message. If you think the message may be legitimate, go directly to the company's website (that is, type the real URL into your browser) or contact the company to see if you really do need to take the action described in the email message.
- Read your email as plain text.
Phishing messages often contain clickable images that look legitimate; by reading messages in plain text, you can see the URLs that any images point to. Additionally, when you allow your mail client to read HTML or other non-text-only formatting, attackers can take advantage of your mail client's ability to execute code, which leaves your computer vulnerable to viruses, worms, and Trojans.
- If you choose to read your email in HTML format:
- Do not open any attachments in these types of emails. They can contain scripts, viruses, or malware.
When you recognize a Phishing message, first report it as noted below, then delete the email message from your Inbox, and then empty it from the deleted items folder to avoid accidentally accessing the websites it points to.
Warnings
Reading email as plain text is a general best practice that, while avoiding some Phishing attempts, won't avoid them all. Some legitimate sites use redirect scripts that don't check the redirects. Consequently, Phishing perpetrators can use these scripts to redirect from legitimate sites to their fake sites.
Another tactic is to use a homograph attack, which, due to Internationalized Domain Name (IDN) support in modern browsers, allows attackers to use different language character sets to produce URLs that look remarkably like the authentic ones.
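The homograph warning above, combined with the advice to look at where links and clickable images really point, as an added example (not part of the original page or of any Vol State tooling): it pulls every link destination out of an HTML message body and flags hostnames that are IDN-encoded or mix character sets. The function names and the sample body are constructed for illustration, and detecting the script from the Unicode character name is a simplification.

```python
import unicodedata
from html.parser import HTMLParser
from urllib.parse import urlsplit

def host_findings(host):
    """Flag hostname labels that are IDN-encoded, non-ASCII, or mix scripts."""
    findings = []
    for label in host.lower().split("."):
        if label.startswith("xn--"):  # punycode (ASCII) form of an IDN label
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                findings.append("undecodable xn-- label")
                continue
        if not label.isascii():
            findings.append("IDN label: " + label)
        # Script is approximated by the first word of each Unicode character name.
        scripts = {unicodedata.name(c, "UNKNOWN").split()[0] for c in label if c.isalpha()}
        if len(scripts) > 1:
            findings.append("mixed scripts: " + "+".join(sorted(scripts)))
    return findings

class HrefCollector(HTMLParser):
    """Collect the real destination of every link, including image-only links."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def audit_links(html_body):
    """Return [(href, findings)] for links whose destination needs a second look."""
    collector = HrefCollector()
    collector.feed(html_body)
    report = []
    for href in collector.hrefs:
        try:
            findings = host_findings(urlsplit(href).hostname or "")
        except ValueError:  # malformed URL such as unbalanced IPv6 brackets
            findings = ["malformed URL"]
        if findings:
            report.append((href, findings))
    return report

# Constructed sample body; U+0430 is Cyrillic "a", imitating reserved example.com.
LOOKALIKE = "xn--" + "ex\u0430mple".encode("punycode").decode("ascii") + ".com"
SAMPLE = (f'<a href="http://{LOOKALIKE}/login"><img src="logo.png"></a>'
          '<a href="https://www.example.com/help">Help</a>')
```

Calling `audit_links(SAMPLE)` reports only the image link, whose hostname decodes to a label mixing Cyrillic and Latin letters; the genuine `www.example.com` link produces no findings.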
Review: If you need to Report Phishing attempts
- If the Phishing attempt targets VSCC in any way (for example, it asks for those using VSCC Exchange to "verify their accounts", includes a malicious PDF directed to college human resources, or impersonates VSCC), forward it using the Ninjio button in Outlook.
- You will see the section "Built for your org" advising "Created and approved by your organization's technology team".
- Select "Report message" by "Ninjio"
- Select "Open" and Ninjio will be added to your available Apps to use.
- Open the message you wish to forward.
- Click on the icon to the right of Forward and choose Forward as Attachment
- Send to abuse@volstate.edu
- This will include the entirety of the message including headers
OR
- Start a new message.
- Move and resize the new message window and Inbox windows so you can see both windows at once.
- Select the email that you want to forward.
- Drag it and drop it into the body of your new message.
OR
- Start a new message.
- Right click on the message to forward and choose Copy.
- Right click in the body of the new message and choose Paste.
OR
- Start a new message.
- Select Attach Item from the toolbar.
- Select Outlook Item.
- Browse to the message you are inquiring about, and select it to attach it.
To view the full headers of a message
- Open the message.
- Select File | Info | Properties.
- The headers will be in the section marked Internet Headers.
- Click in the Internet Headers section, then press Ctrl+A to select all.
- This can be copied (Ctrl+C) and pasted (Ctrl+V) into a forwarded copy of the message.
OR you can call the IT Help Desk at (615) 230-3302