CyberSecurity Awareness #1: Phishing

"Phishing" is the name given to email messages that try to trick you into giving up your username and password. SPU blocks lots of phishing email through filtering, but some messages inevitably get through. Moral of the story: "Please be cautious!"

When are you most susceptible?

Statistics reveal some interesting patterns and trends regarding when and how most people fall for phishing:

  • More responses occur from mobile phones.
  • More responses occur when respondents are away from the office.
  • More responses occur outside of work hours (evenings and weekends).

SPU Users Are Still Taking the Bait!!

Despite the warnings about responding to phishing messages, some students and staff continue to be victimized.

  • Phishing scams appear to come from legitimate sources like the "Email Administrator," the "HelpDesk," the "IT Dept," your Internet Service Provider, your bank, eBay, PayPal, etc. The messages often direct you to a fake web site or ask you to reply with private information like usernames and passwords.
  • In the past few weeks some SPU users have had their Banner information modified as a result of stolen passwords. Stolen passwords are frequently used to send spam and more phishing attacks from your account, but other, more sensitive personal data is also exposed.
  • Beware and be suspicious! Scammers are very sophisticated in making their pages look like the real thing. Once your account information has been compromised, the hacker can access other private and personal information and steal your identity.

Tips for Phishing Detection

Four message characteristics to be on guard for:

  • Greetings and closings. A generic recipient or closing is a good indication the message is phishing. ALL messages about restoring an email account or performing system maintenance should be viewed with caution.
  • Clickable links that redirect you to another web site. Always be cautious about links in email messages. See the "hover" technique below.
  • Threats or urgency in the message language, such as response deadlines.
  • Attachments: PDF or Word files are frequently used as “click bait” to trick you into opening unsafe files.

Use the "Hover" Technique

Many phishing messages include links that send the user to a malicious web site or a fake login page. Hover over the web links with your mouse to inspect the web site address BEFORE YOU CLICK! For example, the printed URL and the actual destination address might not match.

Oops, I Made a Mistake!

  • What should you do if you take the bait? If you think you might have taken the bait and given up your SPU username and credential, immediately go to the Banner System (Personal Menu, Computer Accounts Menu, Change Your Password) and reset your SPU password.
  • What will CIS do if your account has been compromised? CIS suspects an email account is compromised when we notice the account sending large volumes of spam or other malicious activity. Our action is to immediately disable the compromised account, which will block access to SPU email, Canvas, Banner, and all other campus resources. The account will stay blocked until we can assist with password changes and remediation.

SPU has been the target of dozens of phishing attempts in the past few months. We block 1,000s of phishing messages a day, but some are always going to get through. Requests for "immediate action" to prevent account closures, disconnection of service, or other verification are sure signs you're being "phished." SPU WILL NEVER ask for your PASSWORD via email.