Topics Map > Security
Topics Map > Campus Services > E-mail
Security - Example: Phishing attempt 04.29.22
Examples of ways to identify a phishing attempt
How can I tell if a message is legit?
Be suspicious if ANY of these clues appear.... and this example is FULL of them! Bottom line, ask yourself, Does this make sense??
Part 1: The message
In addition to numerous grammatical and punctuation errors, you will find...
- Strange address, NOT uwplatt (even though it claims to be from ITS)
- The recipient (To) matches the sender (From)
- Updates from ITS will come directly from the Communications and Training Coordinator or through the monthly newsletter; ALSO multi-factor authentication is not limited to our "Email users".
- The security of your "spam filter"..??
- Hovering over the link displays a very long, suspicious, NON-uwplatt URL
- "Failure to update" indicates urgent consequences
- All caps indicate urgency, but also... if a campus system needs a password, it will label it "password".
- Not our official name, "ITS Help Desk"
Part 2: The login page
This login page has nothing "official", such as the campus logo or any mention of the University. Also, our multi-factor authentication is provided by Duo, not Microsoft. Multi-factor authentication is not limited to email; any changes would apply to your entire account, not just Microsoft.
Any password field should be labeled "Password".
If you have questions, please contact the ITS Help Desk at 608.342.1400 or firstname.lastname@example.org. You may also visit the Help Desk on the first floor of the Karrmann Library.