Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files Articles
March 31, 2026

Gone Fishing… See You in Fall!

Posted in: News

An alien and astronaut in space with a fishing rod holding a blue fish that says "breaking news."

The Phish Files will be going on hiatus until Fall 2026. Over the past year, we’ve shared real phishing attempts seen on campus, explained why they looked convincing, and highlighted ways you can protect your account and personal information.

While the series is taking a short break, phishing scams don’t take the summer off. You can still stay up to date with cybersecurity tips, scam alerts, and helpful reminders from the Information Security team through:

  • The IT Newsletter, delivered every Tuesday

  • Our Instagram, where we post quick security tips and updates

Before You Click: A Phish Files Checklist

While Phish Files is on hiatus, phishing attempts will still be circulating. Keep these reminders in mind to help protect your account and the campus community:

1. Report suspicious emails
Use the Phish Alert Button (PAB) whenever something looks suspicious. Reporting helps the Information Security team investigate and remove threats from other inboxes across campus.

2. IT will not text you
Unexpected text messages claiming to be from IT asking you to verify your account or approve a login are a common scam tactic.

3. Never share your password or Duo codes
Montclair will never ask for your password, Duo authentication code, or login approval.

4. Be cautious with forms asking for personal information
Phishing emails often include forms requesting login details, financial information, or other personal data. Do not submit sensitive information through unsolicited links or forms.

5. Verify unusual requests
If an email appears to come from a campus department, coworker, or professor but seems unusual, contact them directly using known campus contact information rather than replying to the message.

6. Check links before clicking
Hover your mouse over links to preview the destination. If something looks unfamiliar or suspicious, go directly to the official website instead of clicking the email link.

7. Watch for urgency or pressure
Phishing messages often claim your account will be locked or that you must act immediately. Take a moment to pause and verify before responding.

8. Be cautious with unexpected attachments or shared documents
Even if a message appears to come from someone you know, confirm with them before opening unexpected files or document shares.

9. Look closely at the sender’s email address
Attackers often use addresses that look similar to legitimate university accounts but contain small differences.

10. Be cautious of unexpected job offers
Scammers frequently target students with fake job opportunities sent through email. Legitimate student job postings and opportunities from the university are shared through Handshake, not unsolicited emails.

Staying alert and reporting suspicious messages helps protect not just your account, but the entire Montclair community.

The Phish Files will return in Fall 2026 with more real examples and tips to help you spot phishing attempts before they cause harm. In the meantime, keep reporting those suspicious emails—we appreciate your help in keeping our campus safe.