UKPhishingemail
training
DevelopedbyUKHealthCareITSecurity
Background
Phishingisthemaliciousactofsendingemailswiththeintentofgainingthe
user’sprivateinformationforthepurposeofstealingidentitiesand,asa
result,stealingmoney.
Thisisusuallydonethroughfraudandfalseclaimsofcredibility.Phishing
emailusuallydirectstherecipienttosomeoneelse’swebsitewherethat
websiteissetuptolooksimilartothatofalegitimatecompanyorbank(or
University.)Thewebsitethenproceedstoasktherecipientforbankaccount
numbers,passwords,socialsecuritynumbersandcreditcardinformation.
Phishingemailwilloftenuselanguagetoportrayasenseofurgencyinthe
messagesuchas“youraccountwillbepermanentlyblocked”.Don’tbefooled.
Belowaresometipsonwhattolookforandhowtoavoidgettinghookedby
phishingemail.
Page | 1 Identifying Phishing email January 2014 Whattolookfor:HowtoIdentifyPhishinge‐mails
Phishing emails usually have some or all of the following features: a) Generic greetings. b) Sense of urgency and threats. For example, Urgent or Immediate action needed or dire consequences. c) Written in poor grammar and misspelled words can be found. d) They will ask your password and other credentials. e) Beware of messages where someone threats to close an account, if you fail to comply. f) Suspicious Link to the external web site or fake email address. g) Graphics that match to the legitimate graphics of the organization. h) Lack of the some or all of the above features doesn’t guarantee that e‐mail is genuine. Page | 2 Identifying Phishing email January 2014 WhattodoafteryouidentifiedthePhishinge‐mail
 If you suspect that an email is spam or phishing and you are using Microsoft Outlook, do the following: (If you use the Internet‐based web application OWA, see next page) a) Create ‘New Email’ and Choose the 'attach item' function in Outlook. b) Select ‘Outlook item’. c) Choose the folder where the email is located i.e. ‘Inbox’. d) Select the offending email and then click ‘ok’. e) The phishing email should appear in your email as an attachment. Title your email “SPAM” and Send it to [email protected] Page | 3 Identifying Phishing email January 2014 WhattodoafteryouidentifiedthePhishinge‐mail
 If you suspect that an email is spam or phishing and you are using Microsoft’s Outlook Web App (OWA), do the following: a) Open the offending email, right click, and select “Forward as an Attachment”. a b) The phishing email should appear in your email as an attachment. Title your email “SPAM” and Send it to [email protected] b Page | 4 Identifying Phishing email January 2014 Tipstohelpyouavoidbecomingavictimofphishingemails
 Donotrespondtoemailthatclaimsyouraccounthasbeenfrozenor
suspended.UKwillneveraskyoutoverifyyouraccountinanemail.
 ConfirmthesourceandcontacttheITService/HelpDeskifyouare
concernedaboutyouraccount.
 Donotprovideyourpasswordinresponsetoanunsolicitedinternet
request.DONOTPROVIDEYOURPASSWORDEVER.
 Thephonenumberslistedinphishingemailsmayormaynotbe
workingphonenumbers.Don’ttrustthem.
 Donotclickonanyofthelinksintheemaileveniftheylookfamiliar.
Often,linkswithinphishingemaillookinnocentbutactuallytakeyouto
maliciouswebsites.
For questions or training requests, please contact: If you are in UK HealthCare: Arshad Hussain, Associate Security Analyst [email protected] (859) 323‐3507 Branden Miller, Senior Security Analyst, [email protected] (859) 323‐3508 All others: UKAT Service Desk [email protected] (859) 218‐4357 Michael Carr, UK Chief Information Security Officer [email protected] (859) 218‐0306 Page | 5 Identifying Phishing email January 2014