Skip Ribbon Commands
Skip to main content
ourCollaborate

Phishing

What is "Phishing"?

Phishing is a type of cyber-crime that involves an "attacker" sending a fake email, text message or phone call impersonating a reputable organization/person to a recipient "victim" in order to retrieve their personal information such as passwords or credit card numbers. Often the emails in a phishing attack will contain links to malicious websites that direct users to enter their username/account number/credit card number and password.  This personal information is then used to access the user's account which can result in identity theft, financial loss, data loss/hijacking or to pass along the attack to others.  Some of these websites are so realistic it is extremely difficult to differentiate them from the valid reputable website.

 

How do I identify a phishing email?

1. The message indicates it's urgent and attempts to scare or threaten you to take action.  It may say a deal is only for a limited time or that you're behind on a payment and threaten you with legal action.

Untitled.jpg

2. The message often contains a link to a website or an attachment they want you to open. If you hover over the link it's misspelled or completely different.

Picture1.jpg

3. The message may look like it's from an internal employee but the email address is actually an external address.

Capture.JPG

4. The message may indicate that they've noticed suspicious activity on your account and need you to login or your account will be suspended. 

Picture3.jpg

5. The message may have spelling or grammatical errors or be in a different language.  This can include a non-standard format for the greeting and signature.

Capture2.JPG

FAQ:

HELP! What if I clicked on a link or opened the attachment?

Log a call with the Helpdesk immediately and explain what happened. As soon as possible login to a different computer and change your password. A support analyst will be dispatched to assess your computer for malware.

For more information click here.

Do I need to do anything if I haven't opened the email?

Please report it to the Helpdesk and someone will contact you to gather additional information, if required.

What if I'm concerned the email from the social networking site/company/bank is legitimate and there really is a problem with my account?

If you really are concerned there may be an issue with your account, open a browser and go to the company's official website support section and contact them with information found on their website.
  • DO NOT click any links provided in the email
  • DO NOT contact them using any information contained in the message

How do I report a Junk or Phishing email?

Within Oulook right-click on the e-mail message and select Report as Junk or Report as Phishing.

For detailed instructions click here.



Recent Phishing Outbreaks:

  
Thumbnail
  
Features of threat
6/1/2020 12:00 AMVoicemail, contains attachment, web link.New for [ ### to username@saskpolytech.ca ]
Voicemail, contains attachment, web link.
3/2/2020 12:00 AMVoicemail, contains attachment VM for <username>
Voicemail, contains attachment
1/30/2020 4:00 PMUrgent, iTunes gift cardsRe: Follow Up This Message Now
Urgent, iTunes gift cards
1/6/2020 12:00 AMEmail, Hidden link, job opportunity Saskatchewan Polytechnic - Time Jobs Opportunity
Email, Hidden link, job opportunity
1/2/2020 11:00 AMAmazon, link, order, payment failedAmazon: Payment Failed!
Amazon, link, order, payment failed
1 - 5Next

Phishing Learning Session:

Downloadable .pdf version of the phishing learning session

More Information:

LinkedIn Learning Resources:

​Upcoming Learning Sessions:


  
  
  
  
There are no items to show in this view of the "Training Schedule" list.