It used to be easy to spot phishing scams – no, no rich prince would want to share his fortune with you, if you could just give him your credit card number. These days, email scams have evolved to a point where the messages may appear to be coming from your friends, co -workers, bank or even your own friendly neighborhood tech department.
At the end of April’s Cybersecurity Awareness month, the University of Calgary’s Information Technologies (IT) team would like to give you some tips to stay cybersecure throughout the year. Although online criminals see staff, students and researchers as primary targets for cyberattacks, there are many ways you can protect yourself.
What is phishing?
Phishing is an impersonation by a corporation, institution or person with the intent to gain access to personal or financial information or access to private data and systems. While some phishing (and its text equivalent, “smishing”) is easy to spot, the most sophisticated attacks are virtually indeterminate from UCalgary’s own internal emails.
These messages often contain a sense of urgency, which motivates you to react quickly rather than give the email a thorough review to ensure its validity. When you click a fraudulent link or download the wrong document, a criminal can use their access to not only steal your information, but also use your accounts to trick your contacts into doing the same. .
UCalgary has email protection technology that blocks millions of spam and phishing messages every month. However, even with the best technology, some emails can get through. This is why it is so important that the UCalgary community knows what to look for.
Clues that you are being fooled
- University of Calgarry: Fake or suspicious company or organization
- From Dr. Ed Macaulay Culkan: Unknown or suspicious sender.
- to Rex: You do not match the intended recipient.
- Take a look at this: Blurred subject line.
- This is important, crucial, and critical: Recurring patterns or other signs of made detail.
- You have been hacked: Misspellings of words or confusing grammar.
- Faculty of Modern Karts: Group or group that does not exist.
- I need your help now !: A sense of urgency, especially around logging in.
- www.thisisaboguswebsite.com: Suspicious links.
- 1-800-bigscam: Incorrect or suspicious phone number.
How to protect yourself from phishing
So, you think there is something wrong with an email you received – what should you do?
- Report suspect phishing attempt at IT by either:
- Right click on an email, choosing security options, then phishing
- or save and forward the email as an attachment to [email protected]
- Delete and do not reply to suspicious emails.
- Never email personal or financial information such as passwords or credit card details.
- Do not click on links in an email that say you are being taken to a secure site.
- Stop ignoring those notifications need to update your computer or other device-the latest version of the software will have the most effective protection from attacks.
IT has an Introduction to Phishing Enterprise Learning Management course for staff who want to learn more about phishing.
Staying cybersecure
The best way to combat cyberthreats is to be aware of them and to understand the importance of cybersecurity. All members of the UCalgary community can help keep us all safe by doing their part to stay cybersecure. Part of that responsibility is to maintain good password skills; regularly back up your data; make sure your devices, applications and operating systems (Microsoft Windows, Apple OS, Linux) remain patched and up to date; and consider the privacy levels of the data you use (and contact the FOIP office if you have concerns), along with following other cybersecurity best practices.
For the full list of things you can do and resources you can use to stay cybersafe, check out our Top 10 Cybersecurity Tips page, and contact IT services through UService or using a ServiceNow ticket if you have any concerns.