Cybersecurity Awareness Month: Protect yourself from phishing

WWU News

On This Page

• WWU Stories
• News Releases and Announcements
• WWU in the News
• Campus News and Information

Cybersecurity Awareness Month: Protect yourself from phishing

October 6, 2025

October is Cybersecurity Awareness Month, and Western Today will host a story a week from our own IT pros on ways to keep yourself safe online. This week, let's talk about phishing.

Phishing Scams Are Getting Smarter - Here's How to Stay Ahead

It used to be easy to spot a phishing email: unusual grammar, strange formatting, and suspicious links were dead giveaways. But today's phishing scams are more sophisticated-and more dangerous.

One of the most concerning trends we're seeing at Western is phishing attempts that come from compromised Microsoft or Google accounts, often posing as fellow WWU employees. These messages may come from SharePoint or Google Drive directly, look completely legitimate, and often include shared documents that appear to be work-related. The goal? To trick you into clicking a malicious link or downloading malware.

How to Spot a Sophisticated Phish:

• Unexpected document shares: If you receive a file from someone you don't normally collaborate with, especially without context, pause before clicking.
• Urgency or pressure: Messages that say "urgent," "immediate action required," or "your account will be disabled" are red flags.
• Subtle email mismatches: Even if the sender appears to be a WWU employee, check the full email address. Compromised accounts may use lookalike domains or aliases, or the name in the email address may not match the name in the message.
• Odd formatting or tone: If the message feels "off" or doesn't sound like the person you know, trust your instincts.

What You Can Do:

• Verify before clicking: Reach out to the sender via Teams or phone to confirm they meant to share the document.
• Report suspicious messages: Use the "Report Phishing" button in Outlook or forward the message to I[email protected].
• Download the Microsoft Authenticator App: Multi-factor authentication is your best defense against account compromise. When you log in to a system that uses MFA, the app will verify with you what system you are logging into. If what you see in the app doesn't match what you see on your computer screen, be suspicious.

Remember that cybersecurity is a shared responsibility. Stay alert, ask questions, and help keep Western safe.