Protect Yourself from Phishing Scams

What is Phishing?

Phishing is a type of cyber attack disguised as something seemingly ordinary. The goal is to deceive an unsuspecting user and steal personal details, account credentials, sensitive information, or even money. Users may encounter this through the form of:

  • Unsolicited emails / messages

  • Video links

  • Attachments containing malware

  • Fake websites

  • Bogus text messages

How do I recognize a phishing attempt?

Be cautious and watch out for the following indicators:

  • Suspicious email address

  • Link to a bogus company page

  • Warning from Google

  • Grammatical mistakes

  • Contains malicious files

  • Uses Scare Tactics

  • Offers that appear too good to be true

  • Asking for help/donations through unsecured channels

Here are some Google phishing scams that have been reported in the past:

Source: Google Support (Google Pop-Up Scam, Google Lotto Scam Notification, Google AdWords Impersonation Scam)

How can I prevent myself from being a victim of phishing scams?

  1. Verify the email address of the sender before clicking any link or downloading attachments.

Note: Ateneo de Manila University will only use Ateneo.edu emails (usually assigned to an office or an individual) for official communications. If you have received an email from someone claiming to be from Ateneo but is not using an official email, please consider it a suspicious email. Additionally, Ateneo de Manila University will NEVER ask you for your passwords via email or a website that is not owned by AdMU nor security-signed.

2. Change your passwords regularly. It is also highly encouraged that you use different passwords for different accounts. For Ateneo accounts, please change your password here: https://myportal.ateneo.edu.

3. Enable two-factor authentication.

4. Avoid using your ateneo.edu email for personal accounts such as social media.

5. Update your computer’s antivirus software and scan your computer for viruses and other malware on a regular basis.

6. Update your computer’s operating system to ensure that security patches are in place.

7. Report a spam email by tagging the email as spam:

  • Open the email using the web version of Gmail and click the three dots at the upper right corner

  • Select Report spam

8. Ensure that the connection of the site you are trying to access is secure. To do this, look for the following indicators:

  • Security Status / Padlock icon to the left of the web address


  • Using HTTPS connection

What should I do if I receive a suspected phishing email?

  1. If you have replied to a phishing email with the requested information, please change your passwords immediately. For Ateneo accounts, change your password here: https://myportal.ateneo.edu.

2. Report the suspicious email by:

a. Tagging the email as phishing:

  • Open the email using the web version of Gmail and click the three dots at the upper right corner

  • Select Report phishing

b. Sending an email to itrmo@ateneo.edu in order for the account administrator to filter out suspicious emails. Please provide the following details:

  • Email address of the sender

  • Screenshots of the email or website.

Samples of Recent Phishing Scams

Phishing Email Disguised as COVID19-Related Information

Source: Cybereason Blog

https://www.cybereason.com/blog/just-because-youre-home-doesnt-mean-youre-safe

Source: Cybereason Nocturnus

Pretending to be WHO or other organizations asking for help/donation:

Source: WHO Communications

https://www.who.int/about/communications/cyber-security

Source: Sophos Labs / Chester Wisniewski Twitter
Source: Check Point Research