Phishing Examples


Email phishing is the biggest security threat to Western community members.  Phish emails come in different forms, but they are usually trying to either swindle you out of money or steal your logon credentials (username/password). When they steal your credentials, they can send emails as you and create more legitimate looking phishing emails. Or, they can log into web applications and systems you normally use, and steal, destroy, or worst of all, ransom your data.  The examples below should help you recognize the most common phish emails we see at Western. 

Example 1:  Somebody is Sending You a File

A common tactic to steal your username/password is to send you an email message saying someone has sent you a file, typically via Google Docs or OneDrive.  Take a look at the two examples below. 

Phish Example 1
Phish Example 2


Ask yourself:

  • Are you expecting the shared file?  
  • Who is this person sending the file to me?  Note, sometimes they do pose as someone you know, even President Sabah Randhawa as in the second example!
  • What could be so important that all my colleagues/classmates have been cc’d (first example)?

Oops!  You clicked on the link!

So, let’s say you do click on the link, and you see one of these two examples:

Phish Example 3
Phish Example 4

Ask yourself:

  • Do the URLs look right?  In the first example, you could be tricked by the URL, and in the second example the URL should seem suspicious.  
  • Is the page encrypted?  In the second example, the URL starts with http://, an unencrypted page, not https:// which is encrypted.
  • Have you ever seen anything like this before?  The first one is clearly no, but the second one does mimic our logon page.
  • Why does a stranger want me to log in?

If you clicked on any links and/or entered your credentials:

  • Change your password immediately!
  • Sign up for multi-factor authentication.
  • Scan your desktop for malware.  Note, just clicking on the link could infect you.
  • Open a ticket with the ATUS helpdesk online or by sending an email to If you took the steps above, they may not need to do any further actions, but our Information Security Office can check for any suspicious activity.

Example 2:  Somebody is Sending You a Secure Message

How often do you receive a “secure” message? 

Secure Message Phish

Ask yourself:

  • Does the sender look legitimate?  Try hovering your mouse over the “From” address and see if it matches what is written.
  • Have you ever received a secure message from this person before and are you expecting it? 
  • If you hover over the link, does it match what you see in the email? If not, stop!

If you clicked on any links and/or entered your credentials, take the same steps you would if you entered your credentials in the “File shared with you” example.

Example 3:  Schemes to Rob You of Your Money

A criminal may try to trick you into calling a toll-free number to ask about an unexpected charge.  When you call, they may ask you to give a bank account number and so they can “refund” you.  Unfortunately, the opposite will happen, they are probably going to drain your bank account!

Invoice phishing scam


Ask yourself:

  • Does the sender look legitimate?  Try hovering over the “From” address and see if it matches what is written.
  • Have you ever received a legitimate invoice that looks like the message? 
  • Did you actually buy something that is listed on the “invoice”?

If you are not sure if the invoice is real:

  • Call the company directly using the customer service number on their website.
  • Check your credit card and bank account for any unexpected charges.
  • Use multi-factor authentication (MFA) for both your Western account and your personal accounts (each institution will have their own MFA sign-up).

Other Malicious Phish Emails

Lastly, there are two more common malicious schemes to rob you.  Someone you do not know is offering you a “job” such as pet, baby, or house sitting, or someone is impersonating someone you know (even your boss!) and asking you to buy them gift cards.  Report these phish emails and then delete them.