If you receive a phishing or spam email, mark it as spam and delete it. If you’re unsure, check our list of reported phishing/spam. If it has not been reported, please forward to firstname.lastname@example.org.
It is important to note that legitimate email from Hunter College will NEVER ask you to click on a link to change your password or ask you for your password or other personal information.
You should only change your NetID password by going to the Hunter College NetID website.
Phishing is an attempt by hackers to obtain your personal information (e.g., your account username and password, credit/debit card number, home address, Social Security number, or date of birth). That information can then be used for identity theft and other illegal activities.
Phishing is often done via email. Typically, you receive a message disguised as legitimate correspondence from an individual you know, from a bank or other financial institution, or from another type of business—often with a phony logo that looks official. The email message usually includes a link to a webpage where you will be asked to enter personal data. If you supply the data, the hackers can use that information to gain access to your accounts and commit crimes. The linked webpage may also download malicious code, such as viruses or spyware, onto your computer.
Spam is unsolicited commercial email. It is annoying and often includes a sham offer that will cost you time and money. You should take steps to limit the amount of spam you receive, and treat spam the same way you would treat an uninvited telemarketing call.
Most phishing scams can be avoided by following these basic principles:
- Treat ALL LINKS as if they are suspicious. (Links include web addresses and URLs.)
- Log in with your NetID at official Hunter College sites and your “MYHUNTER” account ONLY.
- NEVER provide your password or other sensitive information in an email message.
- You are responsible for your Hunter NetID. Do not share your password with anyone for any reason.
- Email is not a secure way to send out personal information. All email messages can be intercepted when sent, and email messages are not encrypted or protected by default.
- If an attacker gains access to your email account, all of the sensitive information stored there will be accessible to the attacker.
- Be suspicious of these kinds of messages:
- Messages urging you to “take immediate action.” Often the message communicates a sense of urgency and/or a threat that if you don’t take action, your account will be shut down.
- Claims that your email inbox is full or near its quota and needs to be upgraded.
- Claims that you must log in to trigger security features or other services.