Phishing: The Digital Confidence Scam That Plays on Your Emotions

Imagine this: You receive an email that looks super official. It’s from your bank (or so it says), and it’s warning you about “suspicious activity.” Your heart jumps. Your palms are sweaty. You click the link.  

Boom.  

That is phishing in action.  

Phishing is the 21st-century cousin of the old-school confidence scam. You know, like the smooth-talking trickster who sweet-talked people out of their cash with charm and lies? Same strategy, just digitized.  

It’s Not Just Tech, It’s Psychology Phishers don’t need to hack your computer when they can hack you. These digital con artists exploit your trust, fear, curiosity, urgency, and even greed. It’s not about code; it’s about emotions.  

  • Trust: “This looks like it’s from IT, I better take it seriously.”  
  • Fear: “If I don’t respond, I might lose access!”  
  • Urgency: “They said my account will be locked in 10 minutes?!”  
  • Curiosity: “What’s this invoice for? I better open it.”  
  • Greed: “Hey! I won a free gift card!”  

Phishing works because it feels personal. It’s designed to make you react before you think. That split second of emotional hijack is all the bad guys need.  

You’re Not Dumb, You’re Human Falling for a phish doesn’t mean you’re gullible. It means you’re human. And guess what? Phishers count on that. The more you care about doing the right thing, staying secure, or responding quickly, the more likely you are to be targeted.  

So, What Can You Do? Start thinking like a skeptic. Treat every unexpected message like a stranger at your front door trying to sell you a deal that’s too good to be real.  

Pause. Breathe. Don’t react emotionally. 

Check the sender. Hover over links.  

Ask: Does this seem just a little too urgent, scary, or good to be true? 

 

Be the Plot Twist Phishers are counting on you to play your role in their scam. Flip the script. Be the person who doesn’t fall for the trap. Be the plot twist that ruins their day.  

Because when you sniff out a phishing email and report it, you’re not just protecting yourself. You’re protecting everyone around you. That makes you a cybersecurity A-lister that’s building a strong cybersecurity culture on campus.  

Phishing: The Digital Confidence Scam That Plays on Your Emotions 

Imagine this: You receive an email that looks super official. It's from your bank (or so it says), and it's warning you about "suspicious activity." Your heart jumps. Your palms are sweaty. You click the link.

Boom.

That is phishing in action.

Phishing is the 21st-century cousin of the old-school confidence scam. You know, like the smooth-talking trickster who sweet-talked people out of their cash with charm and lies? Same strategy, just digitized.

It's Not Just Tech, It's Psychology

Phishers don’t need to hack your computer when they can hack you. These digital con artists exploit your trust, fear, curiosity, urgency, and even greed. It’s not about code; it’s about emotions.

Trust: "This looks like it’s from IT, I better take it seriously."
Fear: "If I don’t respond, I might lose access!"
Urgency: "They said my account will be locked in 10 minutes?!"
Curiosity: "What’s this invoice for? I better open it."
Greed: "Hey! I won a free gift card!"

Phishing works because it feels personal. It's designed to make you react before you think. That split second of emotional hijack is all the bad guys need.

You're Not Dumb, You're Human

Falling for a phish doesn't mean you're gullible. It means you're human. And guess what? Phishers count on that. The more you care about doing the right thing, staying secure, or responding quickly, the more likely you are to be targeted.

So, What Can You Do?

Start thinking like a skeptic. Treat every unexpected message like a stranger at your front door trying to sell you a deal that’s too good to be real.

Pause. Breathe. Don't react emotionally.

Check the sender. Hover over links.

Ask: Does this seem just a little too urgent, scary, or good to be true?

Be the Plot Twist

Phishers are counting on you to play your role in their scam. Flip the script. Be the person who doesn’t fall for the trap. Be the plot twist that ruins their day.

Because when you sniff out a phishing email and report it, you're not just protecting yourself. You're protecting everyone around you. That makes you a cybersecurity A-lister that’s building a strong cybersecurity culture on campus.

Phishing Alert: Do Not Take the Bait 

Phishing emails continue to be one of the most effective cyberattacks targeting universities. These fraudulent messages often appear to come from trusted sources—professors, IT staff, or campus departments. Still, their goal is to trick you into giving up login credentials, downloading malware, or clicking on malicious links.  

This month’s Information Security Tip focuses on how to spot phishing attempts and what to do if you suspect something suspicious. 
 

Spot a Phish: What to Look For 

  • Urgent or time-sensitive language (e.g., “Your account will be locked!”)  
  • Strange senders or unfamiliar email domains  
  • Unexpected attachments or vague shared documents  
  • Links that do not match the sender or stated purpose.  

Tip: Hover over links to preview the URL. Never enter your SU NetID and password unless you are sure the page is legitimate. 
 

Campus Phishing Example 

Recently, ITS ran a phishing simulation, and 36% of recipients clicked the link in the email. While the message appeared to be a Google Sheet shared by a campus leader, there were several signs that it was suspicious: 

  1. Misspelled sender domain: The email came from @widnows.net, which is not a legitimate Google domain. 
  1. Mismatched link: The document link didn’t direct to a Google service. 
  1. Suspicious footer: The email referenced a cyber academy unrelated to Syracuse University, suggesting the sender wasn’t who they claimed to be. 
  1. Lack of context: Recipients should have asked themselves, was I expecting this kind of document from this person? 

This simulation highlights the importance of slowing down and checking for small details that can signal a phishing attempt. 

Review SU’s phishing awareness resources: Phishing and Suspicious Email
 

Report Suspected Phishing Emails 

Use the Report Phishing tool in Microsoft Outlook to report suspected phishing emails or contact the ITS Service Center for assistance, 315-443-2677. 

Notes From the CISO’s Desk

The Role We All Play in Keeping Syracuse Secure 

At Syracuse University, we pride ourselves on being a community of innovators, educators, and learners. But in today’s connected world, we’re also all stewards of something incredibly valuable: information. Whether you’re a faculty member managing sensitive research data, a staff member handling student records, or a student logging into campus systems—every one of us plays a role in protecting the University’s digital ecosystem.  

Cybersecurity isn’t just a technical issue for IT to handle behind the scenes—it’s a people issue. Most breaches don’t happen because of sophisticated hacking tools, but because of simple, preventable mistakes: clicking a malicious link, reusing a password, or opening an attachment too quickly These small actions can lead to big consequences: data loss, reputational damage, and real financial harm.  

It’s not about blame—it’s about staying aware and looking out for one another. When we understand how our daily habits impact security, we can make better decisions. Using strong, unique passwords. Double-checking unexpected messages. Reporting suspicious activity. These are small steps that, when taken together, build a powerful defense.  

Our dedicated InfoSec team is constantly working to stay ahead of threats—but the truth is, our strongest defense is you. Every safe login, every cautious click, every report of a phish—these are all victories that keep our campus community safer.  

As we take advantage of evolving technologies—like AI and cloud-based collaboration—our ways of teaching, learning, and working continue to change. That’s why your vigilance, your questions, and your care are more important than ever.  

Thank you for being part of the solution.  

— Christopher Croad 
Chief Information Security Officer 
Syracuse University  

AI Insights for June 26, 2025

This message was originally shared to subscribers June 26, 2025.

Upcoming Event

Join us for Generative AI for Staff, part of the ITS Summer Series, on Monday, July 8. In just 45 minutes, Tech Transformation Specialist Shannon Glennon will demo tools like ChatGPT, Copilot, and Gemini and show you easy ways to start using AI in your day-to-day work.

Quick, practical, and virtual—don’t miss it! Register here.

In This Issue

Both summer and AI are heating up!​ This​ issue captures the clash between innovation and consequence. From Mattel teaming up with OpenAI to reimagine play to New York State introducing new AI safety legislation, we’re seeing institutions of all kinds stake their claims in the future of artificial intelligence. Meanwhile, a growing number of students are leaning on AI tools not to cheat, but to stay afloat, and sometimes, to rediscover their drive to learn.

You will​ find perspectives on AI’s evolving role in education, the workplace, and even Wikipedia. We explore Pope Leo XIV’s cautionary message on AI’s impact on children, the BBC’s legal battle against AI content scraping, and Anthropic’s stark warning that the most advanced models are already choosing deception in simulated scenarios.

News and Views

Access to The New York Times, The Wall Street Journal and The Washington Post is available to all students, faculty and staff with a valid Syracuse University NetID. Learn more.

AI and Broader Societal Impact

  • Pope Leo XIV Flags AI Impact on Kids’ Intellectual and Spiritual Development (AP News)
  • Tech Industry Fights to Save Clean-Energy Tax Credits (The Wall Street Journal)
  • Google DeepMind’s Optimized AI Model Runs Directly on Robots (The Verge)
  • A Case of ChatGPT Trying (and Failing) to Play Atari (New Atlas)

Academia and Education

Law, Regulation, Policy

Media, Publishing, and Content Regulation

  • News Sites Are Getting Crushed by Google’s New AI Tools (The Wall Street Journal)
  • Wikipedia Halts AI Plans as Editors Revolt (Mashable)
  • BBC Threatens AI Firm with Legal Action Over Unauthorized Content Use (BBC)
  • Anthropic Wins a Major Fair Use Victory for AI – but It’s Still in Trouble for Stealing Books (The Verge)
  • From ChatGPT to Gemini: How AI Is Rewriting the Internet (The Verge)

Strategic Partnerships and Corporate Moves

  • Mattel and OpenAI Announce Strategic Collaboration (Mattel)
  • Apple Is Reportedly Considering Buying Perplexity AI in iPhone Maker’s Biggest-Ever Acquisition (Tom’s Guide)
  • Verizon Adopts Google’s Gemini AI to Help Customers Solve ‘Complex’ Issues (The Verge)

Workforce and Workplace

  • Nvidia CEO Rebuts Anthropic CEO’s Dire Prediction of AI Taking Jobs (PYMNTS)
  • Amazon CEO: Generative AI Will Lead to Corporate Job Cuts as Automation Ramps Up (Amazon)
  • The Godfather of AI Reveals Which Jobs Are Safest — and Where ‘Everybody’ Will Get Replaced (Business Insider)

This Issue’s Tip: Use AI to Reflect and Reboot Over the Summer

Summer’s a perfect time to step back and reflect—and AI can help you do just that. Use it to analyze patterns in your teaching evaluations, research activity, or even email workflows to uncover what worked (and what didn’t) over the past year.

🧠 Bonus Value: Some tools can generate actionable summaries or visualizations, helping you set clearer priorities for fall—whether you’re revising a syllabus or planning a new initiative.

💡 Think of AI as your low-stress planning partner while you’re sipping that iced coffee.

This Issue’s Prompt: Plan Ahead

A prompt is how you ask generative AI tools to do something for you (e.g., creating, summarizing, editing or transforming). Treat it like a conversation, using clear language and enough context to get the result you have in mind.

To get more practice, use the generative AI tool of your choice (for example, Microsoft Copilot, OpenAI ChatGPT or Anthropic Claude) to execute the following prompt:

“I have a busy month coming up. Help me organize my priorities across work, personal tasks, and long-term goals. Create a weekly plan that balances deadlines with time for focus, rest, and catch-up.

Helpful Resources

Thank you for reading. Go Orange!