It’s the final day of National Cybersecurity Awareness Month and our final national theme is (drum roll, please):
Recognize and report phishing (and scams)
Phishing is a form of email fraud in which cyber criminals and other adversaries attempt to entice you to click on links or download attachments so that they can steal valuable data, including your UW NetID login credentials.
Phishing emails, texts, and calls are the most common way that UW data is stolen or compromised, and they are part of a continuous stream of various scams that target members of the UW community. By learning to recognize phishing attempts and other scams, and reporting them whenever you encounter them, you’ll be taking an active role in securing UW institutional data.
Things to do
- Learn about tactics and techniques used by adversaries: Recognize and Report Phishing
- Check out recent catches: Phishing Examples
- Learn about social engineering attacks in which messages are specifically tailored to trick researchers and others in university environments: Spear Phishing Risk Advisory
- Read about attackers who develop trust over time with their social engineering tactics: OIS News & Alerts blog
- Learn about other types of scams that target students, staff, faculty, and researchers at UW: OIS Scams web page
- Find out what UW does to detect malicious emails and what steps you can take to report it: Protecting your email on IT Connect