If you’re reading this, you may have spotted May’s test phishing email! This email was sent as part of the Secure UD “Take a BITE out of phish!” campaign, a University initiative to raise our community’s awareness about phishing attacks, their consequences, and how to avoid becoming a victim. Each month, a random sample of employees will receive a harmless test phish like this one:
- Check the sender. If the “from” address is unfamiliar, take a few extra moments to carefully examine the contents of the email message. This email comes from “email@example.com.” Does that sound like any company you know? If the email is truly coming from a legitimate company, the company’s name should be part of the sending address.
- Look out for grammar and spelling errors. Scam emails often contain typos and other errors, which are red flags indicating that the email probably didn’t come from a legitimate source. For example, “congratulations” is misspelled as “congraduations” in this email. While this could be a marketing tool for a legitimate source, the typo should still give you pause and you should inspect the email further.
- Don’t click links within a suspicious e-mail. Take a few extra seconds to check the link by hovering your mouse over the link to see the full URL. For some mobile email clients, clicking and holding the link reveals the full URL as well.
Always exercise caution; if you receive a suspicious request for your payment information, instructions to visit a suspicious website, or download a suspicious attachment, forward the message to firstname.lastname@example.org.
And as always, Think B4 You Click!