Audience: All Franklin and Urbana University users with University Office 365 email accounts.
Disclaimer: The results and functionality of the following article only apply to audience listed above.
- For our guide to handling phishing attacks, please see the following: Click Here
Listed below are examples of phishing attacks that have been attempted of recent.
All phishing attempts below were deemed to be malicious with the intent to gain access to user credentials, money, or to spread spyware onto the end user's device. When in doubt, please first contact the Help Desk before responding to emails, or taking action from the email (opening links, downloading/opening PFDs, or clicking on buttons). email@example.com
1. This one was designed to look very similar to emails that come from Microsoft. However, the indicator of the fake email was the email address that wasn't from Microsoft. Also, most any email from Microsoft will not contain a call-to-action-button within the email. Always be wary of such buttons within an email.
2. The next email worked off a threats of exposure and attempted to gain payment from the recipient. Don't ever submit payment through extortion. Please consult the Help Desk should you receive any similar email. This email was determined to be fake and the user's account, device, and privacy were not in jeopardy, and the claims against them in this email were false.
3. Please pay attention to email bars like the one shown in yellow. Since this email was a spoof of an internal email that came from an external address, the first clue should be the CAUTION bar at the top of the email. Emails of this nature this should not be trusted when arriving from external sources.
4. This email attempted to lure the recipient by offering payment/money. Never trust a payment promise or call to action to go elsewhere for receiving payment. Even if you recognize the source of the email, directly contact the person or company by phone before trusting an email link such as this.
5. This phishing email was made to look like if came from the Help Desk. However, the email banners at the top should be an indication that it was still not from the Help Desk and did come from outside the university.