As we shared in the October edition of The Channel, statistically, phishing emails are the leading cause of data privacy incidents. Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software.
Over the course of the next month, the Information Technology (IT) department will send out “fake” emails to staff in an attempt to collect data on what specific phishing emails trip staff up the most so that we can develop future training. Rest assured that while we hope staff are not “tricked” by the fake phishing emails, there will be no real consequence if staff do respond to them.
Please take a minute to review the message and search for any of the five common red flags shown below:
- Message is unexpected or oddly timed
- Message contains odd spelling or grammatical errors
- Message urges actions like clicking links or opening attachments
- Message appears to be time sensitive or threatens consequences for inaction
- Message is requesting money or personal information
When you receive any suspicious communications: Stop and think before you click!
If you suspect a phishing email, please contact the Help Desk at 319-273-8231 or email@example.com. Questions? Contact Sarah Nelson, Director of IT/Special Programs.