Help Desk

Phishing Training

This message is a training exercise provided by the DSU Information Security Office and Human Resources.

Please be aware that scammers want to trick you into clicking on links or downloading dangerous attachments. Their ultimate goal is to steal sensitive information or to infect your device with malware. Phishing emails look like legitimate requests from known organizations or individuals. Generally, there are features that are common among phishing emails and should raise some red flags. Below are some things to look for that are specific to this phish, that also may apply to real phishing emails.

 

Yellow Caution Banner

This yellow bar here is to let you know that this email is not coming from a DSU email address. If you see this yellow bar make sure to check the sender’s email address to verify it’s coming from a person or business you know of and would expect communication from.

Sender’s Address

Though this address does its best to appear like a legitimate email address there are several problems. First, our system administrators would not be contacting you about blocking a sign-in attempt via email. Second, notice how the utahtech.edu portion of the address is simply part of name rather than part of the URL, thus the yellow bar alert was triggered. Emails coming from our system administrators will be coming from @utahtech.edu addresses. Third, we have yet to change our dixie addresses so anything coming from a utech or utahtech address is likely to be a phish. Fourth, and finally, the .org part of the address. .org addresses can be registered by anyone. Emails coming from the real system administrators will end in utahtech.edu.

Overall Feel

The overall tone and message of this phish is to cause fear and panic. Phishers often rely on emotional responses to try to cause their victims into ignoring and overlooking those warning signs that were shown above so that they will provide their sensitive data. Internet protection starts with your mindset and behavior toward potential cyberthreats.

Link

You should always be cautious when clicking on a link in an email. One thing that you can do is hover your mouse over the link or long click on mobile to see the URL that the link will take you to.

What to do with a Phish

When you receive a phish please report it to us:

This is easily accomplished by using the report button that appears like this in the Outlook Web page:

and like this in the Outlook Desktop Client:

Or forward the phish to us at phishingreport@utahtech.edu.

Contact

If you have any questions or concerns please contact us.

Information Security Office

Email: iso@utahtech.edu

Phone: 435-879-4670