A phishing scam uses fraudulent email and web pages to steal bank account information, passwords, and other confidential information.
The email and this webpage were developed by UAGC Information Security Team to help you learn how to protect yourself and your co-workers from phishing attacks.
We can help!
The email that you just read was not actually from UAGC. It was a phishing email designed to help you learn how to protect you and your co-workers from attack.
More Information
Phishing is an online scam involving email messages appearing to be from a trusted source. A type of phishing, called spear phishing, is especially problematic.
Spear phishing is a technique that con artists use to specifically target individuals or companies and gain access to private information or accounts.
With spear phishing, hackers disguise themselves as a trusted source by sending an email with a request to provide personal information, such as log in and password information. When the person gives the information by replying to the email or via a website link provided, the criminal goes into the account and takes what they want.
Watch for:
The email urges you to take immediate action.
Often, a phishing email tries to trick you into clicking a link by claiming that your account has been closed or put on hold, or that there’s been fraudulent activity requiring your immediate attention. To be safe, log into the account in question directly by visiting the appropriate website, then check your account status.
The hyperlinked URL is different from the one shown.
The hypertext link in a phishing email may include the name of a legitimate bank. But when you hover the mouse over the link (without clicking it), you may discover in a small pop-up window that the actual URL differs from the one displayed and doesn’t contain the university’s name.
Be wary of messages demanding immediate response and requesting passwords, bank accounts, or threatening to suspend or terminate your account.
Look at the sender's email address. Does it make sense? Is it from someone you know? If you don't know the person or the email account is not associated with the actual organization, look up the number for the institution and contact them to verify its authenticity. Do not use any phone numbers provided by the suspected sender.
Phishers could take stolen account credentials and sell them to criminals who could use your email or account to send huge volumes of spam. They could also gain access to your personal and financial information.