![\"Bank](\"https:\/\/www.montclair.edu\/phish-files\/wp-content\/uploads\/sites\/290\/2026\/02\/BankMobile-Phish.png\")
<\/p>\n<\/p>\n
Use of Official Names: <\/strong>The email mentions BMTX (BankMobile)<\/strong>, a service many universities actually use for disbursements.<\/p>\n<\/li>\n Specific Dollar Amounts:<\/strong> Using a precise figure like $1,367.64<\/strong> creates a sense of realism and urgency.<\/p>\n<\/li>\n Professional Formatting:<\/strong> It includes standard boilerplate language about “Identity Theft” and “Customer Service” to mimic a security-conscious organization.<\/p>\n<\/li>\n<\/ul>\n Generic Greeting:<\/strong> Addressing the recipient as “Dear Student” instead of using a specific name is a major red flag for official financial communications.<\/p>\n<\/li>\n External Senders:<\/strong> The email originates from non-university addresses and non-BMTX domains.<\/p>\n<\/li>\n Nonsensical Procedures:<\/strong> The email asks you to update information with the IT Department<\/strong> to receive Financial Department<\/strong> funds. In a real scenario, the IT department does not handle student banking or tuition refunds.<\/p>\n<\/li>\n Hosted on Public Forms:<\/strong> The link leads to a Microsoft Forms<\/strong> page. Official banking or university business will always be conducted through a secure, proprietary portal, never a free public form tool (like Google Forms or Microsoft Forms).<\/p>\n<\/li>\n Punctuation and Grammar: <\/strong>Random capitalization (e.g., “All funds,” “Verify and Update”) and awkward phrasing are common in phishing templates.<\/p>\n<\/li>\n<\/ul>\n If you click the link and fill out the form, you are handing your sensitive data directly to cybercriminals.<\/p>\n Risks include:<\/strong><\/p>\n Financial Theft:<\/strong> Providing your banking information allows attackers to drain your accounts.<\/p>\n<\/li>\n Identity Theft:<\/strong> Providing your name, phone number, and password can be used to hijack your university account or open fraudulent credit lines.<\/p>\n<\/li>\n Credential Harvesting:<\/strong> If you use the same password for this “form” as you do for your university login, attackers can gain access to your student records and personal emails.<\/p>\n<\/li>\n<\/ul>\n Do not click any links<\/strong> or provide any information.<\/p>\n<\/li>\n Report the email<\/strong> via the Knowbe4 Phish Alert Button (PAB)<\/a>.<\/p>\n<\/li>\n Do<\/span><\/strong>\u00a0not <\/strong>approve any Duo MFA requests you did not initiate.<\/span><\/p>\n<\/li>\n<\/ol>\n Why This Email May Look Legitimate Use of Official Names: The email mentions BMTX (BankMobile), a service many universities actually use for disbursements. Specific Dollar Amounts: Using a precise figure like $1,367.64 creates a sense of realism and urgency. Professional Formatting: It includes standard boilerplate language about “Identity Theft” and “Customer Service” to mimic a […]<\/p>\n","protected":false},"author":349,"featured_media":1446,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2],"tags":[],"class_list":["post-1445","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-fraud"],"_links":{"self":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1445","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/users\/349"}],"replies":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/comments?post=1445"}],"version-history":[{"count":2,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1445\/revisions"}],"predecessor-version":[{"id":1449,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1445\/revisions\/1449"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media\/1446"}],"wp:attachment":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media?parent=1445"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/categories?post=1445"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/tags?post=1445"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Signs This Email Is Phishing<\/h2>\n
\n
Risks of Clicking the Link<\/h2>\n
\n
What Should You Do?<\/h2>\n
\n
Additional Notes<\/h2>\n
\n