Examples of ways to identify a phishing attempt
How can I tell if a message is legit?
Be suspicious if any of these clues appear. It could be a phishing attempt if any of these clues appear...and this example is FULL of them! Bottom line, ask yourself, "Does this make sense?"
Part 1: The Message
In addition to numerous grammatical and punctuation errors, you will find...
- Strange address, NOT uwplatt (even though it claims to be from ITS)
- The recipient (To) matches the sender (From)
- Updates from ITS will come directly from the Communications and Training Coordinator or through the monthly newsletter; ALSO multi-factor authentication is not limited to our "Email users".
- The security of your "spam filter"..??
- Hovering over the link displays a very long, suspicious, NON-uwplatt URL
- "Failure to update" indicates urgent consequences
- All caps indicate urgency, but also... if a campus system needs a password, it will label it "password".
- Not our official name, "ITS Help Desk"
Part 2: The Login Page
-
This login page has nothing "official", such as the campus logo or any mention of the University. Also, our multi-factor authentication is provided by Duo, not Microsoft. Multi-factor authentication is not limited to email; any changes would apply to your entire account, not just Microsoft.
-
Any password field should be labeled "Password".
Need help?
If you have questions, please contact the ITS Help Desk at 608.342.1400 or helpdesk@uwplatt.edu. You may also visit the Help Desk on the first floor of the Karrmann Library.