Body
If you receive an email that looks suspicious, don't just delete it. You can help protect yourself and others by reporting it. Here are a few ways to do report phishing emails.
Using the Phish Alert Button (PAB)
The easiest way to report a suspicious email is to use the Phish Alert Button (PAB), which should be visible in your inbox. When you click this button on a suspicious email, it automatically does two things:
- It reports the email to your organization's security team for investigation.
- It removes the email from your inbox, so you don't accidentally interact with it later.
For more information, please visit KnowBe4 Phish Alert Button (PAB) for Gmail
Forwarding to the IT Service Desk
Additionally, you can report a phishing attempt by forwarding the suspicious email to the IT Service Desk help@nsuok.edu.
This creates a service request ticket for NSU's security team to investigate the email and take action if needed. When you forward the email, make sure it is sent as an attachment to preserve all of the original email information, including its headers and links.
If You've Entered Your Information
If you accidentally clicked a link in a phishing email and entered your login credentials or other personal information, it's crucial to act immediately.
The first and most important step is to change your password right away. You may change your NSU Password at any time, through the Password Manager password.nsuok.edu website, if you feel your email account has been compromised or if you provided information to the sender of a phishing email.
After that, be sure to report the incident using one of the methods above. This will alert the security team to the potential compromise and allow them to take further steps to protect your account and others.
If Your Account is Sending Phishing Emails
If you discover that your email account is sending out phishing emails without your knowledge, this is a strong indication that your account has been compromised. You need to act immediately to prevent further damage.
- Change your password immediately. Choose a strong, unique password.
Passwords must be between 16 and 30 characters and:
Must contain a lowercase letter
Must contain a uppercase letter
Must contain a number
Must contain a special character ~!@#$%^&*()_+=-?><
- Report the activity to the IT Service Desk. Let them know that your account is sending out unauthorized emails. NSU's Security Team will investigate the situation and secure your account.
If You Receive an Unexpected Password Reset Email
If you receive a password reset email for your NSU password but you did not request one, be cautious. This could indicate that someone is trying to gain access to your account.
Do NOT click on any links in the email. Instead, take these steps:
- Go to the sso.nsuok.edu (by typing the URL into your browser, not by clicking a link in the email).
- Log in to your account and review your recent activity or security settings. This includes checking for authorized devices.
- If you don't see any suspicious activity, you may safely discard the email. Do not share any multi-factor authorization (MFA) codes that you may receive.
- Report the email to your IT Service Desk as a precaution
Cybersecurity is a shared responsibility and your awareness is critical in helping protect your information, our community and the university’s environment.
If you are ever in doubt about an email, contact us before taking action.
Our IT Service Desk can be reached at 918-444-5678 or help@nsuok.edu.