Protect yourself and the university against phishing attacks
According to Trend Micro, a company that bills itself as a global leader in IT security, 91 per cent of targeted attacks involve spear-phishing emails.
A spear-phishing email is one that appears to be from an individual or business that you know. But it isn’t.
Attackers use email to:
- Infect your computer with malware through illegitimate attachments.
- Entice you to click on links that take you to web sites that will infect your computer with malware just by visiting it.
- Trick you into handing over your personal information so that they can gain access to your computer or University resources.
Identifying a phishing attack
Phishing attacks can be difficult to spot. Watch out for emails that have any of the following characteristics:
- Creates a sense of urgency or invokes strong emotions.
- Contains an attachment from someone you don’t know OR an unexpected attachment from someone you do know.
- Asks you to clink on a link that doesn’t match the real URL.
- The sender address is different than the sender name.
- Contains a link to a web page that when clicked, requests sensitive information such as your username and password.
Protecting yourself and the university
Every user will be the target of a phishing attack at some point so it’s important to know how to protect yourself.
Always check the URL of the site you are visiting. Many times attackers direct you to a website that appears legitimate, but is used to infect your computer with malware or used to steal your password or other sensitive data. Remember, legitimate companies will never ask for passwords, social security numbers, or other sensitive data via email.
Do not open suspicious attachments. Attackers can use file attachments to spread malicious software, also known as malware, through email messages so it is important that you remain alert whenever you receive an email with a file attachment.
Information security starts with you!
If you think you have received a phishing email, delete the email or forward it to spam [at] umanitoba [dot] ca. The right people need to know because they:
- Can verify if an email is legitimate or a phishing attack.
- Can prevent other University staff from receiving/opening the phishing email.
- Can help make sure malicious web sites are taken down.
If you think you have fallen victim to a phishing attack, contact the Service Desk immediately at 204-474-8600 or servicedesk [at] umanitoba [dot] ca.
For more information about Phishing visit http://umanitoba.ca/computing/ist/security/phishing.html
Read more here: