EMAIL ATTACK SIMULATION

If you are seeing this page, you may have clicked on a link or filled out information that potentially could of been harmful to your computer or personal information. Phishing happens to everybody, and its becoming a big problem. 

Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.

It's important for you to understand how to recognize a phishing attempt and what you can do to protect yourself.

  • Be cautious about all communications you receive. If it appears to be a phishing communication, do not respond. Delete it. 

  • Do not click on any links listed in the email message, and do not open any attachments contained in a suspicious email.

  • Inform IT Staff by submitting a support ticket

  • Do not enter personal information in a pop-up screen. Legitimate companies, agencies, and organizations don't ask for personal information via pop-up screens

What are common indicators of phishing attempts?

Suspicious sender’s address. The sender's address may imitate a legitimate business. Cyber criminals often use an email address that closely resembles one from a reputable company by altering or omitting a few characters. 

Generic greetings and signature. Both a generic greeting—such as “Dear Valued Customer” or “Sir/Ma’am”—and a lack of contact information in the signature block are strong indicators of a phishing email. A trusted organization will normally address you by name and provide their contact information.

Spoofed hyperlinks. If you hover your cursor over any links in the body of the email, and the links do not match the text that appears when hovering over them, the link may be spoofed. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net). Additionally, cyber criminals may use a URL shortening service to hide the true destination of the link.

Spelling and layout. Poor grammar and sentence structure, misspellings, and inconsistent formatting are other indicators of a possible phishing attempt. Reputable institutions have dedicated personnel that produce, verify, and proofread customer correspondence.

Suspicious attachments. An unsolicited email requesting a user download and open an attachment is a common delivery mechanism for malware. A cyber criminal may use a false sense of urgency or importance to help persuade a user to download or open an attachment without examining it first.