Identifying Phishing Attempts

At the HelpDesk, and throughout campus, there has been an influx of phishing attempts on NMU accounts. In response to this we would like to get the word out to the NMU community about ways to tell if you are looking at a possible phishing attempt. Our friends over at James Madison University (jmu.edu) came up with a great rule of thumb when faced with a possible attempt to gather personal information. They suggest, “counting the periods.” What this means is that you will want to look at the link, count back two from the first slash after “http://” and note those two sections. What you are looking at is what’s called the domain of the site or e-mail address.

We hope that you are able to take this information and use it beyond your time here at NMU to continue to keep your personal information safe. Remember that Northern Michigan University, your bank, your financial advisors, and any other person or organization that deals with personal information will typically NOT ask for your information via e-mail including but not limited to: your password or your unique identifier (NMUIN, Member Number, Social Security Number, etc.). If you ever receive a message asking for personal information it is safe practice to contact the support group for that organization. It’s always better to be safe and ask.

Knowing Trusted Domains
Identifying Untrustworthy Domains

Knowing Trusted Domains

http://www.nmu.edu/ - Here we count back two periods from that first slash after "http://" and we see "nmu.edu" which is the standard domain for an NMU site.

https://mynmu.nmu.edu/ - Again, if we count back two periods from the slash we see "nmu.edu."

http://educat.nmu.edu - This one doesn't have a slash, so now what? Count your two periods back from the end of the address as if there was a slash and note the doman, in this case, "nmu.edu."

myuser.nmu.edu - This one doesn't have an 'http' or a slash! Follow the same guideline as the last example and you'll see the "nmu.edu" domain.

Identifying Untrustworthy Domains

We recently recieved a phishing attempt on campus from http://mailnmuedu.webs/com, which is NOT a trusted NMU site and should NOT be followed or clicked.

Counting the periods here shows us that this is not an nmu.edu site.
If a link just says "Click Here" or you can't see the URL or domain, just hover over without clicking the link and a link description will appear. You can count the periods here.
If an email ends in anything other than @nmu.edu or @mes.nmu.edu, chances are it's NOT from a trusted Northern Michigan University account, though we do use a few third party systems in some departments
If you aren't sure, feel free to ask a coworker or contact the HelpDesk.

We hope that you are able to take this information and use it beyond your time here at NMU to continue to keep your personal information safe. Remember that Northern Michigan University, your bank, your financial advisors, and any other person or organization that deals with personal information will typically NOT ask for your information via e-mail including but not limited to: your password or your unique identifier (NMUIN, Member Number, Social Security Number, etc.). If you ever receive a message asking for personal information it is safe practice to contact the support group for that organization. It’s always better to be safe and ask.

Rate this Article: