How to protect yourself from phishing and viruses

Attackers and scammers often look for ways to steal email addresses, passwords, and other sensitive information.  

What does phishing looks like?

Phishing is an attempt by attackers to trick you into providing sensitive information by pretending to be a person or service you trust. 
 

Examples of phishing attacks 

Emails that: 

• Ask you to reply with your username/email and password. 

• Contain links to fake login pages or password reset pages. 

• Contain links to view or download a file from someone you don’t know. 

• Mention a current event, entice you with a prize or deal, or claim there’s an urgent reason for you to respond or click on a link. 

• Links on social network posts or comments that lead to fake login pages or password reset pages. 

• Phone calls, emails, or texts that appear like they’re from someone you know asking you to respond or click a link. 
  
   

What does malware and viruses look like?

Malware is any malicious software that attackers use to steal your information or do harm to your files and computer. Malware includes things like viruses, adware, spyware, ransomware, trojan horses, and worms.  
 

Examples of malware attacks

• Visiting a website, viewing an email, or clicking a pop-up window that installs software automatically. 

• Fake emails and websites that impersonate Dropbox or another trusted source. 
  
   

How to tell if an email or website is officially from Mines 

Official Mines websites and emails will only appear on or come from any of our verified domains (such as mines.edu and *.mines.edu).  

You can view the email’s full headers to find out if it came from a bogus address by doing the following: 
 

Gmail 

• While viewing the email, click “…” (More) in the upper right corner. 

• Click Show original. 

• Check the email address listed in the From: field.
   

Microsoft Outlook: Desktop or Web 

Desktop instructions:

• Double-click the email to open it in a new window.  

• Select the File tab and click Properties. 

Web instructions: 

• Click Message Details (an envelope with a small document over it). 

• Check the email address under From: field.
   

Apple Mail 

1. Right-click the email, and select  View Source  from the pop-up menu. 

2. Check the email address under  From: field.
   
    

How to report something suspicious to IT 

• If you receive a suspicious email, forward the complete message to: phishing@mines.edu.  

• If you receive a suspicious link, send the link in an email to phishing@mines.edu. Include a description of how you received the link and the full URL of the link. 

• You can also contact us at the IT Service Desk and if we determine it is a phishing, malware, or spam attempt, we’ll take immediate action. 

 

Tips to stay protected from phishing and malware 

Always check for the warning signs listed above before downloading a file or clicking a link. 
 

Email 

• If you don’t trust a link in an email, go directly to the normal login or home page for the service (for example, type https://weare.mines.edu/ instead of clicking on a link). 

• If you’re not sure who an email is from, don’t click anything in the message. 

• If you receive a suspicious message from someone at Mines, contact the person directly to verify that the message or link really came from them. 
   

Passwords 

• Use strong passwords. 

• Enroll in our multi-factor authentication (DUO) to protect your Mines accounts. 
   

Devices 

• Enable browser security and privacy settings to block phishing, malware, and other malicious sites in Chrome, Internet Explorer, Safari, Firefox, or your favorite browser. 

• Install the latest updates for operating systems, browsers, software, and applications as soon as they become available, as they may have important security updates. 

• Use anti-virus to protect your devices. 

• Follow good security practices to protect your entire computer.