Phish of the Month
Recently, an email was delivered to UA users, supposedly offering employment. Here is a sample of this email:
|
From: notfrankwitmer[@]alaska[.]edu To proceed with the application, kindly text Professor Frank Witmer, Ed.D. at (XXX) XXX-XXX stating your full alias, email, department, and year of study about the job description and further application requirements. Best Wishes, Frank Witmer |
While the job in this email (and others like it) seem like a wonderful opportunity, this is not an authentic email from Dr. Witmer or the University of Alaska.
How can you tell?
In the past, phishing emails were less sophisticated, were riddled with misspelling and obvious grammatical errors. In the above example, the threat actor has done some research but has still included awkward phrasing and mistakes (we have formatted these items in bold).
Phishing emails use a few tactics to encourage you to act, such as:
- offers that are too good to be true
- things you might miss out on if you don't act fast (we underlined these items)
- negative consequences if you don't do what they tell you
- attempts to impersonate people who are known to you
Don't take the bait! Take a few seconds to scrutinize these emails and look for these
tactics before acting.
What should you do?
If you use Google Mail in the web client, please report these emails as phishing (instructions here: https://support.google.com/
Outlook user? Submit a Junk > Phishing report to mark these emails as dangerous.
As always, contact your local Service Desk if you need assistance!
|
UAA Report Security Issueor call 907-786-4646 |
UAF & SW (OIT) Report Security Issueor call 907-450-8300 |
UAS Report Security Issueor call 907-796-6400 |