Week 2: Email Phishing Poster 2

Phishing header

Last week we learned what phishing and spear phishing is. This week we’ll focus on tips for identifying phish email messages.

Basic cybersecurity isn’t that difficult, it just takes a wee bit of time. Often the case is that a phishing victim was just acting too fast while trying to clear their inbox. It’s important to slow down and really scrutinize important or urgent looking email; especially if they threaten consequences for not taking action. Attackers tend to prey on our emotions in order to trick us into making bad decisions in haste.

There are three red flags that are easy to check before trusting an email.

1. Check the “From” email address

Although email can easily be spoofed (i.e. it’s not difficult for bad actors to send email appearing to come from someone else), checking the From address should be a basic quick check. If the email is not from an @uic.edu, @uillinois.edu, or @illinois.edu email address, chances are, it’s not really from someone at the University. There are always exceptions, but a basic rule is that you shouldn’t trust an email claiming to be from UIC if it’s not from one of those email domains.

To complicate things a bit more, some bad actors use compromised UIC email accounts to send phish emails to us. So also look at who the email is from, and then ask yourself “Why would this person be sending me an important or urgent email message?”. Legitimate important or urgent email usually comes from a few email addresses. (e.g. OFFICIAL_STUDENT@listserv.uic.edu, OFFICIAL_STAFF@listserv.uic.edu, URGENT_STUDENT@listserv.uic.edu, URGENT_STAFF@listserv.uic.edu).

2. Beware of any links that say “Click Here” or don’t clearly indicate where they want you to visit

UIC will try to be very clear with what webpage we want you to visit. We might say login to Nessie, or the my.UIC Portal so that you know what we are asking you to log into. With this information you can use your own bookmarks or type in the webpage address yourself, which is more secure than clicking links in email.

Sometimes, just the simple act of clicking a link can lead to your account or device being compromised.

3. Always examine links before clicking them

On a computer you can examine a link by hovering your mouse over it. This will display the real destination webpage address. On mobile devices you can examine a link by tapping and holding on the link. Sometimes the address will be displayed, or you will be given the option to copy the address so you can paste it somewhere else to examine.

If the message is asking you to log into blackboard, but with a link address that is different from uic.blackboard.com, then you know this is likely a phish attack. Feel free to send suspicious email to security@uic.edu for further guidance.

Also be cautious of URL shortening services, such as bit.ly and tinyurl.com. We own all of uic.edu, uillinios.edu, and illinois.edu, and can easily make short go.uic.edu, go.uillinois.edu, and go.illinois.edu addresses as necessary.

Take the test, click the image of the email you think is real

View the Answer Key >