What is a Phishing?
A "Phish" email is a type of unsolicited email that is intended to trick you into replying and providing data to the sender (typically a password, banking information, or another type of personal data that can be used to steal resources).
What is a Spear Phishing?
Spear Phishing is targeted Phishing that takes advantage of one or more known pieces of information to tailor the phish to an individual. For instance, the following example was sent to an ITSS staff member. The author may have known that a message appearing to come from the IT Director would be deemed more credible than if it appeared to come from a random source:
How Can I Tell It's a Phish?
There are generally several ways to tell that an email is a Phishing attempt. The previous image has 4 indicators to notice:
- Large yellow warning that Google appended into the message
- Email address does not not match your organization and/or looking suspicious
- Suspicious subject line
- Signature is different than what you might expect
This particular Phish seems fairly harmless, but if you responded to it, the sender would know they had a valid email address to use in future efforts and may have begun a dialogue asking for things like credentials, information, money, etc.
Learn More
- University Of Minnesota Phishing Scams and more information.
- Take Google's Phishing Quiz and see if you can identify a phish.
University business is conducted through MyU Portal. Any email sent to you for UMD business will refer you to myu.umn.edu. This includes anything relating to your student account, financial aid, payroll, and benefits.
What Should You Do?
If you receive Phish email:
- Do not respond to the message.
- Do not share any information with the sender.
- Report it to ITSS - forward it to [email protected].
Questions?
Please contact the ITSS TechCenter Help Desk with any questions.
- Email: [email protected]
- Phone: 218-726-8847
- Stop by: Kirby Plaza 165