November 9, 2020 —
At least twice a year, the IST Security and Compliance team sends a fake phishing email to staff and faculty to gauge awareness and understanding of security threats. The latest phishing simulation was conducted on October 30.
The fake message asked staff and faculty to “Validate your account to avoid service suspension.” And, contained a number of clues to make it suspicious:
- Our new external warning tag
- A typo in the link in the message: “UMANILca” instead of “UMANITOBA.ca”
- Misspellings and grammatical errors in the text
- No UM branding
- A generic signature
How did we do?
Compared to April’s phishing simulation, October saw a decrease in the number of people who clicked the link and an increase in the number of people who reported the email as suspicious.
Here is a summary of the simulation results:
- 4% of staff and faculty clicked on the link (6.5% in April)
- 1% submitted data to the password field on the fraudulent page (2.9% in April)
- 372 people reported the email to spam [at] umanitoba [dot] ca (241 in April)
- 100 people reported the email to the Service Desk (185 in April)
This is good news. There was no significant increase in clicks to a fraudulent page or in entering user credentials.
The results show staff and faculty are displaying an awareness of phishing scams and traps.
The results also show that we must continue to be vigilant. Phishing attacks have increased as more and more people work from home.
What to look for
Look for the UM external warning tag. This is the warning at the top of any email that comes from outside of the University of Manitoba. It is a sure indicator that if the message sounds suspicious, it probably is.
In addition to the external warning tag, other typical indicators include:
- Bad grammar and spelling
- Incorrect URLs
- A sense of urgency in the content
- A request for sensitive information
- A nondescript email signature
- A sender addresses that does not match the sender name
- An attachment that you did not request
If you think you have received a message that meets any of the criteria above, delete the email or forward it to spam [at] umanitoba [dot] ca.
We are living in stressful times and sometimes it is easy to make a mistake and click on a link or enter our credentials in a fraudulent website without realizing it. So far, UM staff and faculty are doing an amazing job of avoiding these traps!
The IST Security and Compliance Team thanks you for your ongoing attention to our cybersecurity efforts.
Remember: Information Security Starts with You!
For more information about phishing attacks, visit the Information Security and Compliance web page at http://umanitoba.ca/computing/ist/security/phishing.html.