Phishing

Phishing = Social Engineering

  • Typically uses urgent or exciting language to get you to act quickly without thinking.
  • Asks for passwords, bank account information, usernames, credit card numbers, social security numbers, etc.
  • Displays fake URLs that actually direct you to dangerous sites.
  • Contains attachments that you are directed to open for an urgent reason, or because you will gain something important from doing so.

Don't Bite: Avoiding Phishing/Social Engineering Techniques

Recognizing Job Scams

One of the most common types of phish sent to students is the job scam. Job scams have also proven very effective because they use students' inexperience against them.

Some characteristics of job scams are:

  • Very high salaries
  • No experience required, or bare-bones experience prerequisites
  • Ask you to reply to an email address that is not the sender's
  • Ask you to reply using your personal account
  • Unconventional application methods (e.g., a Google Form), which may be characteristic of a scam

Avoiding Gift Card Scams

Gift card scams are a very common type of phish sent to University staff. These scams often impersonate your superiors, which can instill urgency in the recipient and cause them to miss certain details in the email.

Some of these details include:

  • Both the sender display name and the signature in the body indicate that it is your superior, but the sender address is not your superior's arizona.edu email address
  • The sender claims they are "currently in a meeting and need you to buy a gift card" and asks you to send them the card codes
  • The email simply requests a favor with no other information
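
The header mismatches listed above for job scams (a reply address that is not the sender's) and for gift card scams (a superior's display name on a non-arizona.edu address) can be checked mechanically. The following is an added example, not code from the Information Security Office; the name in KNOWN_SUPERIORS and the sample messages are constructed, and it only inspects the visible From and Reply-To headers.

```python
from email import message_from_string
from email.utils import parseaddr

CAMPUS_DOMAIN = "arizona.edu"        # campus domain named on this page
KNOWN_SUPERIORS = {"pat example"}    # hypothetical display names to protect

def is_campus(dom):
    # Exact match or a true subdomain; "arizona.edu.example.net" must not pass.
    dom = dom.lower()
    return dom == CAMPUS_DOMAIN or dom.endswith("." + CAMPUS_DOMAIN)

def domain_of(addr):
    return addr.rsplit("@", 1)[-1] if "@" in addr else ""

def header_indicators(raw):
    """Return the phishing indicators visible in the message headers."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    found = []
    # Job scam trait: replies are steered to an address that is not the sender's.
    if reply_addr and reply_addr.lower() != from_addr.lower():
        found.append("reply-to-differs-from-sender")
    # Gift card trait: display name is a superior, address is not on campus.
    if name.strip().lower() in KNOWN_SUPERIORS and not is_campus(domain_of(from_addr)):
        found.append("superior-name-with-non-campus-address")
    return found

# Constructed sample messages (not real mail).
GIFT_CARD = ('From: "Pat Example" <pat.example.office@mail.example.net>\n'
             "To: staff@arizona.edu\nSubject: Quick favor\n\n"
             "I am currently in a meeting and need you to buy a gift card.\n")
JOB_SCAM = ('From: "Campus Careers" <careers@arizona.edu.example.net>\n'
            "Reply-To: hiring.manager@mail.example.org\n"
            "To: student@arizona.edu\nSubject: Part-time job\n\n"
            "No experience required. Reply from your personal account.\n")
LEGIT = ('From: "Pat Example" <pat.example@arizona.edu>\n'
         "To: staff@arizona.edu\nSubject: Agenda\n\nSee you at 3.\n")

if __name__ == "__main__":
    for label, raw in [("gift card", GIFT_CARD), ("job scam", JOB_SCAM), ("legit", LEGIT)]:
        print(label, header_indicators(raw))
```

A clean result does not mean the message is safe: sender addresses can be forged, so a message with no indicators still needs the verification steps on this page.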

Detecting Credential Harvesters

Credential harvesters are highly dangerous phish that give malicious actors almost complete access to your account. Account compromise can result in your account being used to send malicious emails, to further compromise University systems, and/or to steal money from your payroll.

Some indicators of a credential harvester campaign include:

  • The email is a file share through Google or SharePoint
  • The email impersonates an account alert for a critical service
  • Clicking the link leads to a page requesting login credentials, but the URL domain is not reputable
  • Clicking the link leads to a form service (e.g., Google Forms). You will never need to submit credentials to a survey form for authentication

More Tips

Don't Trust -- VERIFY!

  • Never respond to any suspicious email by clicking on links, opening unexpected attachments, or providing personal or financial information.
  • Don't believe everything you read. If you are unsure as to whether a website is legitimate, confirm it by contacting the company or organization.
  • Double-check links of websites you visit. "Google" the site to ensure the link is correct.
  • Double-check email to your campus address that is marked External.
  • Never provide personal information or information about your company/organization via email, text, or over the phone.

If You Are Compromised

  • Change a password immediately if you believe it is compromised, especially your NetID password
  • If you provided personal information that could be used for identity theft or fraud in response to a fraudulent email, you should immediately contact the company being spoofed.
  • If you have additional questions, comments, or concerns, contact the Information Security Office at security@arizona.edu or (520) 626-8324.

Report that Phish!

If you receive a suspicious email, and it is NOT listed in our Phishing Alerts, please forward the email to UA Information Security as an attachment. Instructions for forwarding as an attachment can be found here: Forwarding Emails as Attachments 

Our office works with UITS using the information you provide in order to minimize the current phishing threat. We will also use the information for analysis and trending information on security threats to campus.