Thank you for your interest in learning more about phishing defense at Northeastern University.

What is Phishing?

Phishing is a cybercrime in which a scammer illegally attempts to obtain usernames, passwords, financial information, or other sensitive information by impersonating trusted sources through email.

Even when the strongest of email security protocols are in place, occasional phishing or unauthorized emails can sneak into email inboxes. If something does not look right in your inbox, it should quickly be reported to reduce the likelihood of other university users from also receiving malicious emails, commonly referred to as phishing campaigns.

  1. Know your sender: The ‘display name’ should match the email address the message has been sent from.
  2. Know your content: The URL from links and other content redirects should match the address of the company it claims to be from.

Phish-y Clues

  • Typo in the sender’s email address (check the spelling of ‘international’), and it doesn’t align with the sender’s information within the email itself. 
  • Outdated domain name used ( instead of 
  • Document formatting does not support commas and spaces. 
  • Inconsistencies in language used, such as the Latin circumflex (Ā). 
Errors in phishing email