Phishing attempts can be detected by almost anyone?

Phishing attacks are increasing in frequency and sophistication. However, they are still quite easy to detect. Looking for some specific indicators can usually indicate if it is a phishing attempt.

  • Is the email pointing at a web address that likely isn’t correct?
  • Is the email from a confirmable source? (ITS always posts all their mass emails on their "Recent Official Account Emails Sent By ITS" webpage.)
  • Is the language in the email correct for the language it’s written in?
  • Is the email asking for personal information to be filled out in a web-form or emailed back to them?

Reputable senders will make sure that their web links are correctly formed – the link and the pop-up (by the mouse or in the lower left corner of the window) will report the same address. They will also ensure the language is easy to read and in proper English. They will not ask for personal information to be emailed or filled out on the web. The address they send from will be an official address and not a ‘free email’ provider (Gmail, Yahoo, Hotmail, etc.), and will likely be able to be verified by looking up in a directory or on their website.

Should you need assistance verifying whether an email is phishing or not, please send it to the helpdesk, ( and we would be glad to look into that for you.