Tips for recipients:
* The key thing to watch out for is unsolicited email. Unsolicited means that you were not expecting it.
* It doesn’t matter whether you recognize the sender or not; the sender name and address are easily faked.
* If an unsolicited email contains a link or attachment, do not click the link or open the attachment unless you can verify that the sender sent you this exact email. It doesn’t matter that they have sent you emails in the past.
* Checking on unsolicited emails does take extra time. But it might save you from getting phished or having your computer infected with malware, both of which are time-consuming problems to fix.
Tips for senders:
* To the extent possible, don’t send emails with links or attachments. Instead, reference where the link or document is on a shared resource. Example: “To log onto the UW Employee Self Service webpage, please use the link on the Clinical Lab Links webpage under the UW Resources header.”
* Never send unsolicited emails with links or attachments. Always let your recipient know ahead of time if you will be sending a link or attachment.
* Never send links to secure systems that require login. This trains recipients to click links in email and log in when prompted, which is a key component of phishing campaigns.
Let’s do everything we can to keep ourselves and our co-workers safe!
Fake– These are scams so do NOT click links and do NOT enter info into websites.
- Google Docs invite: This one looks very real because the links actually go to Google. In this case, Google accounts were hacked and were hosting a phishing scam targeting Google accounts. Google has since shut this down.
- Xerox multifunction doc: This one includes “conf” or “order” in the title followed by a number. It is personalized with your name. It instructs you to open an attachment which was supposedly sent from a Xerox machine. The link looks like an attachment name, but actually goes to a malicious website.
- “You have a message from President Ana M”: Curious what the UW prez would like to tell you? Don’t be, because this one’s fake. It’s a scam to steal UW NetID credentials.
- “Update”: This one appears to be from a UW email address (faked). It targets your UW NetID account, threatens to suspend your email if you don’t respond within 24 hours, and contains a link to a malicious website.
- “NetID Update”: This one also appears to be from a UW address. It also targets your UW NetID and threatens to terminate your account if you do not respond. It has a link which appears to go to a UW website, but actually goes to a malicious website.
- “Employee Self Service”: This one is a real mishmash. It features obviously fake email addresses, references to Microsoft Outlook, a link to a malicious website, and, oddly, a National Health Laboratory Service disclaimer.
- “Re-validate mailbox”: This is another generic sort of phishing email targeting Microsoft Outlook users. It asks you to verify your account in order to increase storage capacity.
- “Scanned_Invoice873.pdf -Dropbox”: This one invites you to go to a malicious website (supposedly Dropbox) and retrieve a mysterious PDF invoice.
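Two of the examples above share one trick: the visible link text looks like an attachment name or a UW address while the real target is somewhere else. The following is an added example (not from the original tips page) of how a mail filter or a curious administrator can spot that mismatch in an HTML message body; the sample message and the domains in it are constructed placeholders.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample body: one anchor whose text looks like a scanned
# attachment, one whose text looks like a NetID login page, and one
# honest link. The hosts are placeholders, not real indicators.
SAMPLE_HTML = """
<p>Scanned document from Xerox WorkCentre:</p>
<a href="http://example-malicious.invalid/open">Scan_Order_4471.pdf</a>
<p>Update your account:</p>
<a href="http://example-malicious.invalid/login">https://netid.example.edu/</a>
<p>Known resource:</p>
<a href="https://itconnect.uw.edu/">https://itconnect.uw.edu/</a>
"""

ATTACHMENT_RE = re.compile(r"\.(pdf|docx?|xlsx?|zip|html?)$", re.IGNORECASE)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> in the body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(html):
    """Return (text, href, reason) for links whose display text misleads."""
    p = LinkCollector(); p.feed(html)
    findings = []
    for href, text in p.links:
        host = urlparse(href).netloc.lower()
        if ATTACHMENT_RE.search(text):
            findings.append((text, href, "attachment-like text is really a link"))
        elif text.lower().startswith(("http://", "https://")):
            shown = urlparse(text).netloc.lower()
            if shown and shown != host:
                findings.append((text, href, f"shows {shown} but goes to {host}"))
    return findings
```

Running `suspicious_links(SAMPLE_HTML)` flags the first two anchors and leaves the honest third one alone; the same check is a cheap rule to add to a mail gateway or a quarantine review script.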
Real– I have confirmed that the following are legit emails. You may safely click links in the email and enter your personal information on the websites.
- UW Transportation office reminder to renew your UPASS and other commute products.
- UW Transportation office request to update your vehicle registration.
- UW Office of Regional and Community Relations employee housing survey; links to Survey Monkey.
Can’t get enough of phishing examples? No problem!
The UW CISO (Office of the Chief Information Security Officer) has some great examples on their webpage.
They also have a great explanation of phishing vs. regular old spam emails.