• Embedded links. Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepancy, don't click on the link. Treat any links in messages as potential phishing attempts. Also, websites where it is safe to enter personal information begin with "https" - the "s" stands for secure. If you don't see "https", do not proceed.
• Attachments. Many phishing attempts include attachments as an alternative way to infect your computer. If you see an attachment from someone who you know but don't expect it, it is good to check with that person to make sure they actually sent you the message. Also, if the email comes from someone you don't know, be very wary of opening any attachments from them.
• Requests personal information. One of the points of sending phishing email can be to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.
• Sense of urgency. Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.

Treat every email you receive (even if it is from someone you know) with caution. Reputable organizations will never request personal information via email. Internet criminals target all types of businesses, home users, institutions and governmental organizations. You should use the same precaution in all aspects of your daily life. In addition, other important notes to consider:

• SEU staff or faculty will never ask for your password or Social Security number by mail, phone or any digital form.
• Never reply to any messages that ask for your password or personal information.
• Never click links in suspicious email messages. Phishers often make links look like they go to one site, but actually send you to a different site.
• Be cautious about viewing attachments or downloading files from emails you receive, regardless of who sent them.
• Make sure your computer's Virus and Malware protection are up-to-date.
• Frequently review financial statements to check for unauthorized charges.
• You should be suspicious of any email messages which direct you to websites requesting personal and/or financial information.
• Check the sender's email address. Phishing emails are usually sent from addresses that are similar to, but not the same as organizations' official email addresses.

In order for us to properly track phishing activities and stop more emails from being sent out to other users, you will need to send us the full message headers of the email. Below are instructions on how to do so:

1. Log in to your SEU email.
2. Open the phishing/scam email you received.
3. Click on the down arrow next to Reply, at the top of the message pane.
4. Select Show Original
5. The full email headers will appear in a new window.
6. Copy the entire text on the window and paste it into a new email message.
7. Send the email headers to phishing@steu.edu
8. Delete the message.

If you responded to any phishing emails, contact the SEU Help Desk immediately at www.steu.edu/requesthelp or (973) 290-4015 so we can assist you in resetting your password and check your account for any suspicious activity.

If you have submitted any other sensitive data such as your Social Security Number, it is recommended that you sign up for credit monitoring with a reputable credit report agency.