Topics Map > Client Services

Cyber Security - Phishing - How to spot

Explains how to recognize phishing emails by describing common warning signs, provides steps for what to do when you receive a suspicious email, and includes real examples of phishing emails received at UWL along with an annotated anatomy diagram and UWL ITS-produced awareness videos.

Phishing is when someone tries to obtain your confidential or financial information through deceptive emails or messages. Examples include an email claiming to be from a friend asking you to wire money, or a message claiming you won a prize but need to provide your bank account information to collect it.

Bottom line: If you are unsure whether an email is legitimate, do not click any links. Contact the Eagle Help Desk (opens in new tab) if you need help verifying an email.

What to Look For in a Phishing Email

  • Sent from a non-university email address: Always check the sender's full email address, even if the email signature looks legitimate.
  • Appears to be from someone you know: Contact that person through a different method you have used before to verify they sent it.
  • Inconsistencies in addresses or URLs: Look for added characters, numbers, or misspellings — for example, www.uw1ax.edu (number 1 instead of letter l) or uwlax.@edu.
  • Poor grammar and spelling: Phishing emails often contain misspellings, mismatched capitalization, or unusual formatting.
  • Suspicious links, images, or attachments: Be wary of emails that ask you to click a link or open a file — for example, "See attached invoice" or "Install updates from..."
  • Artificial urgency: Phrases like "Your account will be shut down if you don't respond" or "Your computer has a virus — click here to remove it" are designed to pressure you into acting without thinking.
  • Requests for action through conversation: Some phishing attempts build trust over multiple messages before asking you to buy gift cards or share personal information.
  • Offers that seem too good to be true: If it sounds too good to be true, it almost certainly is.

Using a Smartphone?

Be extra cautious when checking email on a mobile device:

  • If you're unsure about an email, wait until you're at a computer before clicking any links.
  • On a computer, you can hover over a link with your mouse — without clicking — to preview the actual URL before opening it.
  • Be especially cautious with unexpected attachments on mobile, as it's harder to inspect them safely.

What to Do If You Receive a Suspicious Email

  1. Don't click any links or open any attachments.
  2. Report it. In Outlook, use the Report Message button to mark it as phishing. This helps protect the rest of the UWL community.
  3. Contact the Eagle Help Desk if you're unsure whether an email is legitimate, or if you already clicked a link. The sooner we know, the faster we can help secure your account. Reach us at helpdesk@uwlax.edu or 608-785-8774.

UWL IT Emails

Information Technology Services (ITS) will never ask for your password by email. If you receive any message requesting your password, delete it immediately without replying.

Anatomy of a Phishing Email

Anatomy of a phishing email diagram using a fake Doodle poll invitation as an example. Four callouts identify red flags: (1) Sender address doodlestuff@phishydomain.info — labeled as a suspect domain name. (2) The email body uses the number 1 in place of the letter l in words like A11 and COV1D — labeled as numbers used as letters. (3) Urgent language reading Immediate Action Needed with a 48-hour deadline and a Participate Now button — labeled as immediate or urgent call to action. (4) The underlying link URL phishydomain.info/landing/[long string] — labeled as a suspicious web link.

Examples of Phishing Emails

The following are real examples of phishing emails received at UWL. Notice how they use the tactics described above.

Example phishing email sent from a personal Gmail address to a UWL recipient. The subject line is blank. The message reads: Are you free right now? I have a request I need you to handle. Will look forward to your reply. Red flags: non-university sender address and vague request designed to start a conversation. Example phishing email appearing to be from Uwlax VO1P with sender address Cisco-Messaging-etjFJ@wustl.edu — a Washington University domain, not UWL. Subject line claims OLIVIA at a 202 area code phone number left a 23-second voicemail. Red flag: sender domain does not match the claimed UWL source. Example phishing email impersonating PayPal Service with subject line Please Update Your Security Information. Uses a generic salutation, claims the account is temporarily limited, and includes a prominent Update Security Information button. Red flags: generic greeting, urgency language, and a suspicious call-to-action button. Example phishing email impersonating the UWL Chancellor James Beeby sent from a non-UWL email address. Subject line reads Needed right now. Message asks the recipient to purchase gift cards confidentially and reply with the card details. Red flags: impersonates a university official, non-university sender, and gift card request.

Informative Videos About Phishing

These videos were created by UWL ITS to help you recognize and avoid phishing attacks:

Important: UWL IT will never ask for your password by email. If in doubt, don't click — contact the Eagle Help Desk (opens in new tab).

See Also

See Also


Keywords:
phishing, phishing email, spam, scam, suspicious email, email security, cyber security, how to spot phishing, phishing warning signs, urgent email, fake email, report phishing, Outlook report message, gift cards, password request, suspicious link, hover link, fake sender, spoofed email, bad grammar, non-university email, UWL IT, ITS, Eagle Help Desk, phishing examples, phishing video, mobile phishing, smartphone email, PayPal phishing, gift card scam, account limited, impersonation, domain name, numbers as letters, anatomy of phishing email 
Doc ID:
84838
Owned by:
David H. in UW-La Crosse
Created:
2018-08-13
Updated:
2026-02-26
Sites:
UW-La Crosse