is a psychological attack used by cyber criminals to trick you into giving up
information or taking an action. Phishing originally described email attacks
that would steal your online username and password. However, the term has
evolved and now refers to almost any message-based attack. These attacks befin
with a cyber criminal sending a message pretending to be from someone of
something you know, such as a friend, your bank, your company or a well-known
messages then entice you into taking an action, such as clicking on a malicious
link, opening an infected attachment, or responding to a scam. Cyber criminals craft
these convincing-looking emails and send them to millions of people around the
world. The criminals do not know who will fall victim, they simply know that
the more emails they send out, the more people they will have the opportunity
to hack. In addition, cyber criminals are not limited to just email but will
use other methods, such as instant messaging or social media posts.
concept is the same as phishing, except that instead of sending random emails
to millions of potential victims, cyber attackers send targeted messages to a
very few select individuals. With spear phishing, the cyber attackers research
their intended target, such as by reading the intended victims’ Linkedln or
Facebook accounts or any messages they posted on public blogs or forums. Based
on this research, the attackers then create a highly customized email that
appears relevant to the intended targets. This way, the individuals are far
more likely to fall victim.
not realize it, but you are a phishing target at work and at home. You and your
devices are worth a tremendous amount of money to cyber criminals, and they
will do anything they can to hack them. YOU are the most effective way to
detect and stop phishing. If you identify an email you think is a phishing
attack, or you are concerned you may have fallen victim, contact your help desk
or security team immediately.
suspicious of emails that request for your password. The university Office
of Information Technology (OIT) will NEVER ask for your password. An email
that contains a link that requests your username and password is most
likely a phishing attempt.
the email addresses. If the email appears to come from a legitimate
organization, but the “FROM” address is someone’s personal account, such
as @gmail.com or @hotmail.com, this is most likely an attack. Also, check
the “TO” and “CC” fields. Is the email being sent to people you do not
know or do not work with?
- The “REPLY
TO” email address in some cases is an ucdenver.edu email
address. This field can be easily spoofed, and/or messages can be
sent from an account that has already been compromised, so an
UCDenver.edu “ from” address should not be considered a positive
indicator of a legitimate message, but a non-UCDenver.edu address should
always be considered an indicator that the message is phishing. There
is no OIT Help Desk contact information included in the message: OIT
messages will always contain this information.
suspicious of emails addressed to “Dear User” or that use some other
generic salutation. If a trusted organization has a need to contact you,
they should know your name and information. Also ask yourself, am I
expecting an email from this company?
suspicious of grammar or spelling mistakes; most businesses proofread
their messages carefully before sending them.
suspicious of any email that requires “immediate action” or creates a
sense of urgency. This is a common technique to rush people into making a
mistake. Also legitimate organization will not ask you for your personal
careful with links, and only click on those that you are expecting. Also,
hover your mouse over the link. This shows you the true destination of
where you would go if you clicked on it. If the true destination is
different than what is shown in the email, this is an indication of an
suspicious of attachments. Only click on those you are expecting.
suspicious of any message that sounds too good to be true. (No, you did
not just win the lottery.)
because you got an email from your friend does not mean they sent it. You
friend’s computer may have been infected or their account may be
compromised. If you get a suspicious email from a trusted friend of
colleague, call them on the phone.
information is excerpt from a poster by SANS Institute. The poster can be
information about global threats, visit:
A list of
message subjects that have been used in recent phishing attacks against the
university can be found here.
never ask you for your credentials, under any circumstances.
Furthermore, we will never ask you to visit a website to validate your account.
If you are unsure about a message, and it is not on the page above, please
contact the OIT Help Desk (4-HELP or 303-724-3457) for clarification.
also send any phishing e-mail samples to firstname.lastname@example.org
so we can update our phishing protections.