Holiday Shopping Season is Phishing season

This time of year is prime phishing season for hackers, as consumers make more online purchases that can be easy to lose track of in the bustle of the season.  Please take the time and necessary precautions to protect yourself against online scams.

Think Before You Act: Be wary of sites that offer deals too good to be true.  Don't Click on the Link!

Know your Wi-Fi Network: Do not make online purchases over unsecure, public networks!

Protect Your Personal Information: Only you control what information you give out online-- be alert to what information is being requested in transactions and only give the information necessary to complete the requested action.

Best Practices for Cybersecurity

How to Spot a Phishing Attack

See active Phishing Examples

What is Ransomware?

Learn more about Password Safety

Online Security Awareness Training now available!

UIS is now providing a brief online training on security awareness and best practices. This introductory course is currently available for active University staff and faculty. Completing the course will enable all of us to better protect our information.

The course is available now at

Log in with your net ID and password. It takes about 15 minutes.

What does UISO do? 

Threat and Vulnerability Management: Because Georgetown University considers the protection of University information a critical priority,we endeavor to protect by providing critical information security services and education to the GU community, equipping students, faculty and staff with the tools to better protect computers and data.

See what we do:

Cybersecurity Information and Tips

E-Mail Safety


Every email account is bombarded with phishing attempts on a daily basis.  Much like telemarketers and political campaign callers, phishing is a consistent part of our environment.  Nobody is immune - faculty, students, staff, alumni all get phishing emails.  Much of this phishing e-mail is filtered out, but some still occasionally get through.

Phishing emails use tricky tactics to steal your personal information.  When an unsolicited message is sent to you asking for passwords, your social security number, other personal data, or to verify that an email address is active, that is a phishing e-mail.  They are "fishing" for information.  

Phishing e-mails can be especially convincing as they can be highly personalized and sophisticated and appear to legitimately be from trusted companies or organizations that you may have an association or do business with, such as your bank, Georgetown University, or the government.  Legitimate business or government organizations will rarely ever ask you for any personal information – any such request should be validated before responding.

Learn more about how to Spot a Phish!

E-Mail Links or Attachments

In addition to phishing e-mails, you should also be aware of strange links or attachments that may accompany e-mails – including those from people you know.  You should never click on any links from or open attachments from emails from unknown individuals.  If you receive an e-mail from someone you know with strange links or attachments, you should confirm with the individual that they meant to send you the link or attachment as their e-mail account could be compromised without their knowledge.

Online Account Safety

It’s important that you take care to protect your online accounts to ensure that others do not have unauthorized access.  Your online accounts include your Georgetown University NetID and accounts associated with your online financial, social media, and shopping activities.  While it may seem harmless to share your individual online account with others – your online accounts also represent your “digital identity” and allowing others to access your personal data or perform online activities as you can have bad unintended consequences and identity theft.

Sharing your NetID is not just allowing someone to access your GU account for convenience purposes,  it’s also allowing someone access to your student records, staff personnel information, or personal emails and data stored in your Google account.

To protect yourself and the University, please make sure that you do the following:

  • Try to use different passwords for key online accounts (e.g., your NetID, online banking, personal e-mail account, social media account, etc.) 
  • Use a complex password or pass-phrase (more than 8 characters with a mixture of upper / lower case, numeric, and special characters)
  • Change passwords regularly 
  • Do not share your password with others
  • Enroll in the Georgetown University Password Management System – to ensure that only you can change your NetID password
  • Validate and delete any suspicious e-mails - do not click on any links from “phishy e-mails” (You can check the Georgetown University website to validate authentic University e-mails or to see recent phishing examples.  Search for “phishing examples”)
  • It’s also important to ensure that you have proper security software installed on your computer – including all PC’s and Macs – to prevent malware infection  (All Georgetown University staff can download the Symantec End-Point Protection software free of charge – please contact UIS for more information)
  • You should also be avoid installing any pirate software or apps as these are often the sources of malware infections

​​Every email account is bombarded with phishing attempts on a daily basis.  Much like telemarketers and political campaign callers, phishing is a consistent part of our environment. Nobody is immune: faculty, students, staff, alumni all get phishing emails. 

If you clicked or think you may have clicked on a link? Computer acting oddly? Spamming folks on your contact list?

  • Change your password immediately!
  • Call the Service Center (202-687-4949) for assistance.

Password Change Requirement (twice per year)

UISO will remind students, faculty, staff and alumni to change their passwords two times per year. If you have questions, please email us at or call (202) 687-3031.