As a college, we often experience phishing email cyber attacks. You will likely receive some during your time here; learn what to look for. The key is to be mindful of what you share and click.
We've recognized and stopped most, but some have succeeded. One stole straight from a YCP employee's direct deposit, after claiming they wanted to change their bank info for the next payroll. Another used ransomware to steal and withhold a YCP student's work and personal info; she was forced to pay a hefty fee before getting her content back.
Hackers know that employees are in the midst of COVID-19 work changes; they're ready to abuse your extra stress and confusion. Please be highly suspicious of any emails that ask you to click a link, change an employee or student record, or send money or gift cards. Contact us if you see any such thing.
Spot a phishing email
Mismatched email address - Ensure that the email address displayed in the “From:” field matches the sender’s name and email address. All employees should be using their YCP email address to communicate with other employees, not a personal address.
Urgent request - Phishing attacks will attempt to rush you into taking action before you can verify the request. They will appear to come from a person or department with authority, such as Human Resources, the president or a dean.
Bad spelling or grammar - Phishing messages are known for containing misspellings or poor grammar
Generic signature line - Emails from YCP employees usually have a signature line at the bottom with a name you can verify and valid contact information.
Unexpected request - Demands for employee or student information or requests to purchase gift cards.
If you receive a suspicious email...
Verify the request - Look up the sender in the employee directory and ask them if their request is valid.
Delete the message - Once forwarded, we'll have what we need to investigate.