Phishing keyboard image

More than 95% of emails sent to an address are blocked as spam or phishing before delivery; only 5% or less actually is delivered to your mailbox. Since we can not block all phishing or spam, it is important to remember to be cautious with all email — Do not click on links or attachments in emails unless you are certain of the sender and the contents of the message.

Phishing is a technique used by criminals that send fake emails claiming to represent legitimate businesses, University departments, and even your close friends. Attackers will commonly use seemingly everyday notifications such as false bank statements, password change requests, and other forms of solicitation to obtain personal information.

How to Spot a Phish

Phishing example image

Tips to Catch a Phish:

  • Phishing messages often have a sense of urgency or threat to them.  
  • The sender of a phishing email is not legitimate.
  • Links in emails direct users to invalid URLs.  Hover over the URL without clicking in order to see where a link may take you.
  • Grammar and spelling mistakes are prolific in phishing emails.
  • Phishing emails usually have a generic, rather than personal, greeting.

UIS will never ask for your password. Verify legitimate UIS emails here

Check out samples of current, known, phishing attacks at the University at our phishing examples page.

Be wary of emails demanding that you log in or update your account/profile, and always confirm that you are at a legitimate site before logging in or submitting personal information.

What to do if you get a suspicious email: 

1. Do not click on the links or attachments in the email. Check the validity of the email if you can, by checking with the sender by some method other than reply email

2. If you are unsure of the email, forward the email with the headers to

3. If you are sure the email is a phish, go to the original email; refer to the top right portion of the email box; click on the “more” option to the right of the “reply arrow,” and choose “report phishing.”

4. Bookmark our phishing examples page for future reference. UIS posts the phishing threats seen on campus so you can be sure to avoid them.

Clicked on a link that may be fraudulent? Reset your password from another computer immediately and review your gmail settings.  If you need additional help, contact the GU UIS Service Center at or (202) 687-4949.​​

Need to forward email headers? 

Include the email headers by going back to the original email, clicking on the three vertical dots, and selecting “show original” in the drop down list. A new window or tab should open up. Copy the entire content of the window into an email to send. Send headers to the Cyber Incident Response Team

How to forward headers image