Latest Threats
Cyber threats evolve fast—stay in the know with our latest updates to keep your defenses strong.
How to spot a Phishing Email: The Quick Checklist
- Sender Email: Check if the domain matches the legitimate organization (e.g., “@fitnyc.edu” vs. a fake one “@fit12-school.com”).
- [EXT] External Tag: If marked [EXT], the email is coming from outside FIT. This is a signal to proceed with extra caution.
- Too Good to Be True?: Offers for high-paying jobs without interviews or experience are major warning signs.
- Urgency: Watch for pressure tactics like “respond quickly” or “deposit now.”
- Personal Info Requests: Legit employers won’t ask for sensitive data like banking info over email or text.
- Payment Requests: Be suspicious if they want you to return money or make purchases with a check they sent.
Verify Before Acting: Always check the legitimacy of the job offer by contacting the company directly through official channels. RED FLAG: the email doesn’t name the company or doesn’t appear in a web search.
Beware of Pell Grant Phishing Campaign
What happened?An advisory has just been released by one the Higher Education cybersecurity communication groups alerting us to two phishing campaigns targeting students using the lure of the Pell Grant. The first one attempts to contact students by text message, a form of phishing called “SMiShing,” congratulating them on their acceptance into the Pell Grant Award […]