Cyber Tips: Fishing Phish

Cyber Tips: Fishing Phish

Cyber Tips: Fishing Phish


5/26/2022

Håfa Adai UOG Community, 

There has been a recent phishing attempt sent to the community. Please remember not to click on any suspicious links or download any files attached. OIT wants to remind the community that our office will NEVER directly contact users to provide email password information

If you are unsure about the validity of an email please do not hesitate to contact iso@uog.edu for more assistance.

HOW TO SPOT A PHISH

  1.  Look out for spelling and grammatical inconsistencies
  2. Be wary of emails that have a shortened link composed within the body of the email.
  3.  Phishing emails can consist of but are not limited to job offers, gift card purchases, account/password inquiries, etc.
  4. Expect the unexpected. Familiar names can be the bait to the hook.
  5. Never give out personal or financial information based on an email request.

WHAT IS REQUIRED OF ME? 

  1. DO NOT click or download any suspicious links or files from senders you do not recognize.
  2. Report the email as a phish on our system
    1. Click the ellipses on the top right-hand side of the email
    2. Navigate to  Security Options
    3. Click Mark as Phishing from the extra menu that appears
  3. If you clicked the links and gave out your information notify iso@uog.edu as soon as possible

QUESTIONS? 

Should you have any questions, please contact the IT Help Desk at helpdesk@triton.uog.edu or call at 671-735-2640 

Please stay safe and enjoy the rest of your week! 

Si Yu'os ma'åse'! 


Graphic image content:

What's phishing?

Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. It is usually performed via email. The goal is to steal sensitive data such as financial and login information.

Types of Phishing

  • Spear Phishing: Targets specific individuals instead of a wide group of people.
  • O365 Phishing: Targets access to a Microsoft 365 email account. Usually takes form of a fake email from Microsoft, requesting for login credentials.
  • Whaling: Targets the "big fish" like a CEO or the President of an organization.
  • Vishing: The telephone equivalent to phishing to gain access to compromising information.
  • How to spot a Phish

How to spot a Phish

  1. Look out for spelling and grammatical inconsistencies.
  2. Be wary of emails that have shortened link(s) composed within the body of the email.
  3. Phishing emails can consist of but are not limited to job offers, gift card purchases, account and password inquiries, etc.
  4. Expect the unexpected. Familiar names can be the bait to the hook.
  5. Never give out personal or financial information based on an email request.