Security - Example: Phishing attempt 04.29.22

Examples of ways to identify a phishing attempt

How can I tell if a message is legit?

Be suspicious if any of these clues appear. It could be a phishing attempt if any of these clues appear...and this example is FULL of them!  Bottom line, ask yourself, "Does this make sense?"

Part 1: The Message

In addition to numerous grammatical and punctuation errors, you will find...

  1. Strange address, NOT uwplatt (even though it claims to be from ITS)
  2. The recipient (To) matches the sender (From)
  3. Updates from ITS will come directly from the Communications and Training Coordinator or through the monthly newsletter; ALSO multi-factor authentication is not limited to our "Email users".
  4. The security of your "spam filter"..??
  5. Hovering over the link displays a very long, suspicious, NON-uwplatt URL
  6. "Failure to update" indicates urgent consequences
  7. All caps indicate urgency, but also... if a campus system needs a password, it will label it "password".
  8. Not our official name, "ITS Help Desk"

Image illustrating the phishing email with indicators listed in this article.

Part 2: The Login Page

  1. This login page has nothing "official", such as the campus logo or any mention of the University. Also, our multi-factor authentication is provided by Duo, not Microsoft.  Multi-factor authentication is not limited to email; any changes would apply to your entire account, not just Microsoft.

  2. Any password field should be labeled "Password".

Example of a phishing web page with login request.

Need help?

If you have questions, please contact the ITS Help Desk at 608.342.1400 or helpdesk@uwplatt.edu.  You may also visit the Help Desk on the first floor of the Karrmann Library.