Phishing Awareness and Tips

Reducing the number of victims of phishing incidents helps reduce the risk of a potential information security breach.

Audience:

All phishing victims

Request/Action:

Please read the information below and follow the recommended steps.

 Rational:

This effort is to address a recent increase in the number of email users negatively impacted by phishing (fraudulent email messages).  

What is phishing: 

Phishing is a scam by which a user is duped (as by a deceptive e-mail message) into revealing personal or confidential information which the scammer can use illicitly. Examples of this can include (passwords, or banking information). These messages can come in the form of an opportunity for a money making opportunity like working from home or gift cards. Occasionally they include a sense of urgency that includes immediate action including issues with your email account. Many of these include a requested log-in to a web page that steals your user name and password credentials and consequently uses them to access your email. It is easier to spot these messages if you watch for the following; bad grammar, misspelled words, or an external email domain. See an actual example below of an phishing email recently received on campus.

Phishing Example:

From: dogsitterjob@gmail.com
Date: June 6, 2019 at 5:01:03 PM EDT
To:
Subject:DOG / PET SITTING JOB
Reply-To: "someone@outlook.com" (purposely removed the original address)

================================

Note :- Email someone@outlook.com

================================

Hello, I am a fellow student of University of Louisville. My Aunty is moving to the school area and needs someone who can pet sit her dogs 3 hours daily within 9am-11pm. Pay is $350 weekly.kindly email her for more info .... .You are to email her with your personal email NOT school email so she can receive your email because most times I email her with my school email she hardly receive my emails. Her email is xxxxx@xxxxxxx

================================

Note :- Email someone@outlook.com

================================

Strategy suggestion:

Please take a look at the IT Phish Bowl web page (no log-in required) to see the latest threats and check it before clicking on a link or opening an attachment. It is also recommended that you bookmark this site and set your browser to launch it so as to remind you to check it daily. The site also includes instructions for submitting phishing examples to IT so that they can validate them for you before taking action. You can also contact the IT HelpDesk at 852-7997 for assistance.

 How to set your startup page in Chrome:

  1. On your computer, open Chrome.
  2. At the top right, click More   Settings.
  3. Under "On startup," select Open a specific page or set of pages.

    To update your pages, to the right of a page, click More   Edit or Delete.

    If you don't catch the phish, the phish will catch you.