What is Phishing?

Phishing refers to the process where a targeted individual is contacted by email by someone posing as a legitimate institution to lure the individual into providing sensitive information such as banking information, credit card details, and passwords. The personal information is then used to access the individual’s account and can result in identity theft and financial loss. Be very cautious. Phishers can only find you if you respond. Please note that you are the most effective way to detect and stop phishing. 

Phishers send more convincing emails all the time.  Can you spot them?  Click here to take the Sonicwall Phishing IQ Test to see how you score.

Phishing Indicators

Example 1

 Date: Feb 10, 2016 2:10 pm

From addresses are easily forged and can look like the message came from someone you know. Also check the “TO” and “CC” fields. Is the email being sent to people you do not know or do not work with?

Example 2

This is to inform you that IT Administrator has currently upgraded all mailboxes (size to 50.0GB). Please upgrade your account by clicking on the link Faculty & Staff Email Upgrade

Be careful with links, and only click on those that you are expecting. Hovering your mouse over the link will show you the true destination of of the link without actually having to click on it. Check for grammar and spelling mistakes and be wary of offers that seem too good to be true as these can all be indicators of a phishing attempt.

Example 3

There has been an automatic security update on your email address CLICK HERE here to complete update Please note that you have within 24 hours to complete this update because you might lose access to your Email Box.

Be suspicious of any email that requires “immediate action, within 24 hours”. This is a common technique to rush people into making a mistake. Don’t respond to emails requesting confidential information or emails that are asking for you to login with your Brock credentials. Remember, if something looks too good to be true, it probably is. Legitimate organizations will not ask you for your personal information.

This message was identified as a phishing scam.

If you see the above line in the body of an email, please be aware this is a phishing email and was identified as such by Microsoft Exchange Online Protection.

How am I affected?

You may not realize it, but YOU ARE A PHISHING TARGET at work and at home. Organized crime groups want you to click on a link that takes you to a website where your personal information is requested. 

Is Phishing Serious?

As we live more and more of our lives online, and use our phones, computers and online services for more of our personal information, these accounts become very valuable to organized crime. You may not be famous but you are still a target. Your bank accounts as well as credit/debit cards are prime targets for criminals as the days of the big bank heist are over. Organized crime now employs large networks of computers and minions to try and steal a few hundred dollars at a time from large numbers of people. Estimates put the cost of phishing and identity theft at over $5 billion annually. Having control of your email account can give criminals access to more that just your email messages. Almost all online services like Facebook, Twitter and Amazon use your email to verify your identity and perform password resets so gaining access to your email account can give these criminals access to more than just your email. 

Email Safety Tips

Click here to read our email safety tips

If you are unsure or believe you have been a victim of a phishing attack please contact the IT Team.