Phishing Awareness

COVID-19 and Cyber-crime

Cyber-criminals use Natural disasters and Crisis situations to prey on victims. COVID-19 is no different.

What is phishing?

Phishing uses fake emails or websites to collect usernames and passwords as well as bank account numbers, social security numbers, and other personal information. These emails and websites may look real, but they are actually designed to fool you into divulging information.

How to spot a phishing scam

You can identify a phishing scam by looking for email messages that:

  • Create a sense of urgency
  • Invoke strong emotions, like greed or fear
  • Request sensitive data
  • Contain links that do not appear to match legitimate resources for the organization that is contacting you
  • Communicate urgent changes to the organization or your department that require you to click a link
  • Claim you will lose your account if you don't click a link (emails from LETU about accounts always encourage you to contact our helpdesk at https://servicedesk.letu.edu 

Always remember that legitimate companies and organizations will never ask for passwords, social security numbers, and other sensitive data via email.

 

What to do with requests for sensitive or personal information via email

  • Never reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. 
  • Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date on critical updates, and protected with an antivirus application (like Windows 10's built-in Defender) to reduce risk of infection from malware.
  • Report and delete them (see below)

How to report suspected phishing email

  • Check the Related Articles section of this article for information on reporting spam and phishing emails.

 

Example Phishing Email

Below is an example of a typical phishing email with notes on the various elements that may help you recognize other attempts to trick you.

Be aware that some phishing emails are better crafted than this one and may use stolen graphics to actually look like emails from your bank, work or other location. As a result, you should carefully read and inspect any email instructing you to do anything and when in doubt, ask your manager or our helpdesk!

 

 

 

 

Thinking Like a Thief: Presentation

This presentation on cybersecurity will help you develop an intuition for spotting phishing emails and cover much more about keeping your technology secure. Check out the recorded session here: https://www.youtube.com/playlist?list=PLrRuB9O5HO7SaCBerBn3ddX6HJVdCwEC5

We recently shared a short training video on our Information Technology YouTube channel on an example phishing attempt. 

We also have a short Cybersecurity training course in Canvas in which you can self-enroll and learn more. Go to https://courses.letu.edu/enroll/HE7FG9 to begin. 

Print Article