Wednesday, January 12, 2022
Did you know that phishing attacks account for over 80% of all reported security incidents? These attacks can be conducted through any form of communication such as text message, voicemail and, most commonly, email.
Attackers often use phishing scams to impersonate employees and organizations in order to obtain confidential information or to steal resources. To avoid becoming a victim of a phishing scam, please follow these best practices:
- Be cautious of any email with an "[EXT]" tag at the beginning of the subject line as it is coming from outside our organization that might not be trusted.
- Phishing messages may include a strong sense of urgency and may require an urgent action to be taken by someone impersonating a university employee; contact the university employee directly through an alternative communication method (e.g., phone call) to verify if the email is legitimate.
- Review the sender’s full email address to see if it is coming from a legitimate source.
- Do not click on a link or open an attachment in any type of message from an unrecognized sender.
- Never provide sensitive information via email or text such as usernames or passwords; the university will never ask you for your password.
- Hover your mouse over any web link to see if it is a recognizable address.
- Do not open shared or attached documents that you are not expecting.
- If in doubt of an email’s legitimacy, forward the email to email@example.com for review and analysis.