This phishing simulation was authorized by the VPUO.
How Can I Tell if an Email is a Phish?
In this phishing simulation your password was not captured.The University will not ask for passwords or other sensitive data via email or by linking directly to a web form.
Online criminals have many techniques at their disposal to fool not only you, but to overcome traditional online security procedures. When you recieve a phishing attack it is up to you to identify them as potential threats.
To tell if an email is a spear phishing attempt, be aware of emails and messages that:
-
Ask you to click on a link or open an attachment.
Hover over any links to see if they are authentic. -
Request sensitive data.
As mentioned, the University does not. The CRA will not. Your bank will not. -
Create a sense of urgency.
If you receive such an email, find other ways to verify if the content is true.
In many instances, a phishing email will direct you to an imitation website that appears legitimate, but attempts to steal your password or other sensitive data.
If an e-mail ever asks you to deal with an urgent opportunity or problem on a site you use regularly, don't click on it. If you're worried you can always open a new browser window and navigate to the site using a trustworhy method you're familiar with.
It has been estimated that 91% of all cyber attacks start with a spear phishing email. Help protect our organization by learning how to spot, and how to report, spear phishing emails.