News & Alerts

Title

Can you catch a phish?

November 16, 2017
Spotlight on Safe Computing

Have you ever had a phishing email worm its way into your inbox? Did you catch it right away? Delete it? Report it? Perhaps it seemed legitimate so you responded or followed a link.

Phishing is an attempt to obtain information by disguising as trustworthy or legitimate messages, such as email, text, phone calls, computer popups, or other common communication methods. Phishing scams can appear to come from anyone, such as “UMN Edu Team,” “Service,” “HelpDesk,” “Customer Service,” “IRS Collections,” or even a colleague or friend.

Security is a shared responsibility

Falling victim to a phishing message doesn’t just endanger your personal information (such as giving a scammer your password if you log in to a fabricated sign-in page), but it potentially exposes all of the University data you may have access to as a staff or faculty member. Information like student grades, patient data, donor details, and more could be at risk if you are not wary of potential phishing scams coming your way. Keeping the University secure is a shared responsibility between all of us - staff, faculty, students, and the University. But how can you tell the difference between a phishing email and regular correspondence?

What do phishing messages look like?

Phishing emails are often designed to look as legitimate as possible, and cyber scammers sometimes do their homework and add in specific details to help you trust the message. For instance, phishing messages targeted to the University of Minnesota sometimes feign to come from President Eric Kaler or other recognizable figures.

Other warning signs of phishing messages include:

  • The email may include threats of dire consequences if you don't act quickly.

  • The content might include poor spelling, grammar, or formatting that looks unprofessional.

  • It could include a link to a login page that may look like the University's login page, or could be shortened by services like tinyURL or bit.ly.

  • The message may ask you to open a shared document you may not be expecting.

  • Learn more about how to spot a scam.

Here are a few examples of recent phishing attempts sent to to University faculty, students, and staff:

Example 1: A phishing email with a well-crafted fake login page.

Example 2: A phishing email with a different fake login page.

Example 3: A phishing email with a “shared a document” focus.

There are also many more examples of actual phishing messages on the University Information Security Phishing Blog. Remember, the University will never ask you to provide your username and password via email.

Report phishing to the U

The University of Minnesota takes phishing very seriously. Did you know there is a specific email address to report phishing attempts? It’s phishing@umn.edu. The University Information Security team receives these messages, responds accordingly, and also routinely tracks and reports on recent phishing attempts to hit the University on their phishing blog. This is a great resource to check against if you think you have received a phishing email to your University account. University Information Security can take your reports of attempted phishing and potentially take action against the sender, like blocking them or notifying the whole University of a potential threat.

If you think you have received a phishing message to your University account, take these 3 steps:

  1. Do not reply to the message or click on any links.

  2. Forward the email in its entirety to phishing@umn.edu.

  3. Delete the message from your inbox.

Note: You may also report it to Google as phishing. To do so, click the expand arrow in the upper right-hand corner of the message and choose "Report phishing."

What if I replied to the message?

If you think you have responded to a phishing scam via email, change your University password immediately. If you have set up your self-service password change secrets, you can click on the “Reset your password” link on a University of Minnesota sign in page and follow the instructions. If you haven’t set up your password recovery secrets yet, call Technology Help at 612-301-4256 for assistance in resetting your password quickly. You can set up password recovery secrets now for ease-of-change in the future (see instructions in sidebar).

Phishing could lead to identity theft

However, phishing is more than just an annoyance or a reason to change your password. Sophisticated phishing scams allow creators to access your personal information, which could lead to identity theft.

Identity theft can range from impersonation, to the robbery of financial information like credit card or bank account numbers, to tax fraud, where a criminal could file a tax return in your name and receive a refund on your behalf and many other variations of identity theft.

There are several warning signs of identity theft. It is good to keep a watchful eye on your accounts and take immediate action if anything seems incorrect. Learn more about other indicators of identity theft. December through April is an especially vulnerable time of year due to income tax season. Email scams mentioning taxes or the IRS target the public during this time.

If you believe your identity has been stolen or if your data has been exposed - your credit card information, Social Security number, or other sensitive data - visit IdentityTheft.gov to report the theft and take recovery actions. IdentityTheft.gov will walk you through your reporting and recovery options, including informing companies or institutions where the fraud may have occurred, or even filing a police report. They may encourage you to close your affected accounts, institute a credit freeze, report and remove bogus charges, replace government-issued IDs, or alert the IRS of personal tax fraud.

Taking a few seconds to give a closer look to the email you just received may help you to identify it as a potential scam. Noticing this before responding might save you a big headache in recovering your personal information, or protect the University against a potential data breach. We need your help to identify phishing attempts at the University because after all, security is a shared responsibility!

More Resources

Set Up Your Password Recovery Secrets for Future Changes

If you want to reset your password without having to call Technology Help in the future:

  1. Log in to My Account using your Internet ID and password.

  2. Click on Set Password Recovery Questions on the left side.

  3. Fill out the three question and answer combos.

  4. Click Submit and you’re all set to reset!