Infographic with hashtag Cybersmart

Cybersecurity Awareness Month: Look Out for Phishing

October is National Cybersecurity Awareness Month. Learn how to spot phishing emails with tips from the Office of Information Technology.

Remember the red flags of phishing hashtag CybersmartCybersecurity is an ever-evolving complex field of top-notch security professionals, tools and technologies. However, when it comes to phishing, it’s really quite simple:  if it’s too good to be true, it’s probably a scam.

Hackers often email UA students with fake job offer emails, offering $800 or $1,000 per week for menial tasks. Students can be tempted to quickly earn easy money; however, these emails are not legitimate — they are scam attempts. If a student falls victim to a phishing email, their first action should be to contact UAPD to file a police report.

The good news? You don’t have to fall for a phishing email. Avoid them by asking yourself these questions when reading an email.

Who sent this message?
Take a look at the from email address. The from name may appear to be a legitimate corporation, like Cisco Systems, but the email address may be a personal @gmail account. A legitimate email from Cisco would be sent from the company’s domain such as @cisco.com. For faculty and staff, messages sent from outside of the University will feature an [EXTERNAL] label in the subject line.

Is the content urgent?
Most of the time, there is no need to REPLY IMMEDIATELY to an email. Hackers often use urgent and threatening messages to get our attention and force us to react.

Is there a link or attachment?
If so, hover before you click. By hovering over a link, you can see the intended destination of a link or attachment. This will let you know where the link is taking you before you go there. If you do not recognize the URL, do not click the link.

Is it too good to be true?
Trust your gut. Hackers do their research and know the intended recipient of each message. They may use language written in a way to entice you. Don’t fall for it!

If you receive a phishing email: Mark the email as junk and empty your junk folder. In Outlook, users can click a message, then select “Junk” from the main menu. This will train your inbox to better recognize phishing emails and send them to the junk folder automatically.

October is National Cybersecurity Awareness Month. OIT will be posting cyber safety tips throughout the month. For more information about UA cybersecurity practices, visit the OIT website.