Check the Full URL
When you receive an email that directs you to a web page. Be careful of spoofed web pages that look similar to reputable sites or malicious sites that will install malware on your device. Follow the methods below to view the full URL on your devices.
- On your smartphone or tablet, long press the link by tapping and holding down the URL until a dialog box appears containing a preview of the URL directed site. If the URL is shortened, you can copy the URL and paste it into a virus scanner webpage like Virus Total https://www.virustotal.com/gui/home to determine if the URL is malicious.
- On your computer, hover over the link with your mouse. The URL will usually appear in the lower left corner of your window.This email is a fraud phishing email. Clues that indicate this email is fraudulent:
- The URL redirects to a non-CMU website. When the mouse cursor is hovered over the URL link, the real URL path appears at the bottom left of the screen. In this case, the URL is clearly not a CMU web page.
- Unsolicited request to validate your account or it will expire. CMU will never ask you to validate or verify your account. CMU email accounts only expire when you leave the university and are not longer eligible for them.
- The "From" address is fake. Even though the message above looks like it came from a CMU email address, it didn't. In this case a quick check of the CMU Directory to search for a group email name that matches "service" reveals no such group exists.