Please contact userhelp@uwyo.edu (307-766-HELP) immediately if you have responded to a phishing email or otherwise believe that your account has been compromised. If you feel an email is malicious or contains a threat, or is suspicious in any way, please forward that email to userhelp@uwyo.edu so that we may investigate and rapidly mitigate risk
CLICK HERE TO REPORT A SUSPICIOUS E-MAIL
What is Phishing?
For those that are unfamiliar with this term, phishing describes an attempt by a disreputable entity or person to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy source. While the most common platforms for phishing are in e-mail or instant messaging, it is becoming more common on social networking sites that include chat rooms or other environments where web links can be shared and where attackers can disguise their identity. Examples of common phishing e-mails can be found HERE.
How does this happen at UW?
One of the most common forms of a phishing attack in higher education environments is official looking emails claiming to be from the university’s technical support team and usually taking the form of a message asking for your user ID and password, with a threat of account deactivation if you fail to reply. These specifically crafted phishing attempts are primarily focused on gaining access to email accounts to enable them to send malicious emails to other systems with the appearance of coming from a legitimate mail system, such as UW’s.
A simple rule of thumb is that UWIT will not ask for your account password, ever. If an email asks for your UW password, or sends a link asking for your UW password, it is not legitimate, no matter where it comes from or how it looks. UWIT also digitally signs its notification emails, like this one. With a digital signature you will see the red ribbon icon below
At any time if you are confused about an email, contact the UWIT Help Desk at 307 766-4357
, option #1.
How can I spot a phishing message?
1. Asks for sensitive information such as usernames, passwords, account number, SSN, credit card numbers, etc.
2. You did not initiate the communication (it is unsolicited).
3. Includes a link that you are somehow encouraged to “click on.”
4. Obvious typographical and grammatical errors that the sender they are masquerading as would not make.
So, why are these qualities a strong indication of a Phishing message?
1. No reputable institution that you have dealings with would ever ask for or attempt to obtain sensitive information via unsolicited electronic communication.
2. On the rare occasions where password resets and similar communication are conducted via electronic message, it should only be as a result of an action that you initiated. (NOTE: If you receive such a message from an institution you are affiliated with, you should be sure to contact them using your normal methods of communication, do not use those prescribed in the message.)
3. Web links force a user to enter an electronic environment controlled by an attacker. Not only can they solicit your sensitive information but they can perform further automated attacks on your computer. This greatly increases the value of the attacker's interaction with you.
4. Phishing attempts are by definition a malicious act and as such are more frequently perpetrated by attackers for whom attention to detail is not typically a common a trait. The Phishing “industry” is one that prizes quantity over quality. That said, some recent ones have been extremely sophisticated and very well designed.
What do I do if I accidently respond to one?
1. If possible, change the password or access credentials immediately.
2. Contact the technical support team for the resource that you may have compromised. Speed is critical, attackers can begin exploiting your information in minutes! At UW, you should contact the UWIT Help Desk 307-766-4357, option #1 or e-mail userhelp@uwyo.edu.
3. Keep the original message. Many times it’s helpful to the technical support team.
Additional Resources:
If you would like to read more about Phishing, and look at some examples, any of the links below provide great information from authorities in higher education and beyond:
Social Engineering: https://www.webroot.com/ca/en/resources/tips-articles/what-is-social-engineering
Educause Security Resources: http://www.educause.edu/events/security-professionals-virtual-conference-2014/2014/dont-take-bait-simple-and-effective-phishing-training
Microsoft Safety and Security Center: http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx
US-CERT (Federal Government): http://www.us-cert.gov/nav/report_phishing.html and http://www.us-cert.gov/cas/tips/ST04-014.html
Think you have it down when it comes to spotting Phishing? Test yourself online at: http://www.sonicwall.com/furl/phishing/. How did you do?
Please feel free to contact the UWIT Help Desk at 307-766-4357, option #1 or e-mail userhelp@uwyo.edu if you have any questions or concerns.