Phishing test
New test to gauge campus awareness of phishing threat
3:08 p.m., Jan. 19, 2016--In the near future, University of Delaware Information Technologies (IT) will be conducting a phishing test. This test is a follow-up to the one conducted last June.
Phishing emails, which use various strategies to trick or scare unsuspecting victims into compromising their devices or personal information, pose a large and ever-increasing threat to the security of students, faculty and staff as well as the University as a whole.
FYI Stories
June 6: UDid It! Picnic
2FA protects you
Accordingly, IT offers several recommendations for identifying and avoiding phishing scams:
- Never provide personal information in an email, even if it threatens a negative consequence for not doing so.
- Don’t assume that all email received is legitimate. Always check the sender, information, signatures and formatting for inconsistencies.
- Always verify links. Phishers often use fake web sites to distribute malware or harvest information.
- If unsure about the legitimacy of an email, contact the sender separately to ask about it.
- Look for inconsistent or fake information, poor spelling and grammar, a sense of urgency and even threats to those who don’t comply. These are all common characteristics of a phishing email.
IT maintains the Secure UD Threat Alerts blog, which includes annotated copies of phishing emails that members of the University community have received in the past. Annotated copies of the phishing test emails will be posted to the Secure UD Threat Alerts blog following the test’s conclusion.
IT is also in the process of resetting Secure UD training. A number of faculty and staff members will receive a training reset email as part of this process. This email is not part of the phishing test. Those who receive a training reset email should go to http://sites.udel.edu/infosec/ to log in to their training.