If you’re reading this, you may have spotted December’s phishing test email! As always, you should forward this, or any other suspicious or questionable email, to reportaphish@udel.edu. Even if you click on a phishing link, always report the message. When it’s a UD challenge, we increase our reporting rate and gain greater understanding of our community’s awareness about phishing. When it’s a real phish, we can help reduce or prevent the consequences to you and the UD community.
This email was sent as part of the Secure UD “Take a BITE out of phish!” campaign, a University initiative to raise our community’s awareness about phishing attacks, their consequences, and how to avoid becoming a victim. Each month, a random sample of employees will receive a harmless test phish like this one:
Let’s look at what makes this email suspicious:
1. Always examine the sender’s email address. If the “from” address is unfamiliar, take a few extra moments to examine the contents of the email.
2. Don’t be blinded by official names or logos. Sophisticated cybercriminals will often use images and branding from a company or university’s website in order to make their emails appear official.
3. Using your name or other information specific to you (like your supervisor or department name) does NOT mean an email is legitimate. Phishers will often use your name or other information in order to appear legitimate. Consider the necessity of posting publicly viewable personal or professional information online and know that your content can be, and sometimes is, archived.
4. Don’t click links within a suspicious e-mail. Hyperlinks that appear legitimate can be a disguised link to a criminal or malicious website. When in doubt, hover your mouse over the text of the hyperlink (you should see the full URL, which will help to show whether it leads to a legitimate website). Or better yet, open a browser window and manually type in the hyperlink yourself to prevent it being re-directed. To inspect a link when using a mobile device, you can tap and hold the link to see the actual URL.
Be extra careful around the holidays. During any holiday season, you will see an increase in phishing attempts, as hackers try to capitalize on the increase of online shopping and the subsequent delivery of purchases. If you’re expecting a package, follow the tracking via the official tracking service of your delivery service. That way you know when they’re coming, and are not easily fooled by delivery phishing scams. Just take a few extra seconds when faced with a deal offered around the holidays, it might be a phish. For more information, visit: https://www.consumer.ftc.gov/blog/2020/11/holiday-season-help-friends-and-family-avoid-scam
Always exercise caution; if you receive a suspicious request for your personal information, instructions to visit a suspicious website, or download a suspicious attachment, forward it to reportaphish@udel.edu.
And as always, Think B4 U Click!