Phishing is used by cybercriminals to trick you into revealing personal or sensitive information such as usernames, passwords, bank and credit card information through well designed and seemingly legitimate email messages, websites and phone calls.

Cybercriminals are constantly changing phishing emails in order to make it through any email filters. Since there are no filters that can 100% guarantee that all spam or phishing emails can be blocked, it is important that you learn to identify these scams and respond appropriately by deleting them or reporting them to the Information Technology Help Desk.

Examples of email phishing

How protect yourself from phishing scams

  • Do not send passwords, credit card information, bank account information, or other private information in an email. Email messages are not considered secure. An email can be forwarded to others without your knowledge.
  • Be cautious of unsolicited email messages, attachments or links, even from people who you may know. If you have doubts, do not respond.
  • Avoid clicking links in emails, especially if they request private information.
  • Call the company with a number from your contact list, not a number provided in the email.
  • When you have to enter private information in websites, look for ‘https://’ and a lock icon in the address bar before entering the information.  If the website does not have the “https://”, it is not a secure site.
  • Remember to always log-off  of your computer when connecting to secure websites because the next person using the computer may have access to your data.
  • From Outlook, right-click the suspicious message, point to Junk, and then click Report Junk.

What should you do if you have been scammed by phishing?

  • Change your KSU password immediately.
  • Change your Banner INB password immediately.
  • Call the IT Help Desk.
  • If your mobile device has such a service, delete all personal data from the device (Find My iPhone, Find My iPad, Android Device Manager, etc.).
  • Change the password for any personal accounts that share the same password, such as:
    • Banking services;
    • Email (personal, corporate);
    • Online stores (Amazon, eBay, iTunes, etc.);
    • Social media (Facebook, Twitter, etc.);
    • Backup services or file sharing (Dropbox, etc.);
  • Contact the abuse or fraud department of the service being impersonated (eBay, Paypal, etc.).
  • If you suspect a bank or credit card account may have been compromised, contact that institution to check your account immediately and request a credit report.

Can you identify phishing?

For more information

Contact IT

  • Online: (on campus only)
  • Email: (24×7, response within 1 business day)
  • Phone: (502) 597-7000 (8:00 a.m. – 4:30 p.m., Monday – Friday)