Reminder: How to Identify Phishing Attempts

May 02, 2014

Because phishing attempts have grown more and more sophisticated, it’s important to remain skeptical about unsolicited emails from addresses or people that you don’t recognize.  Here are some tips to help you identify a phishing attempt:

 

 

Yesterday’s phishing attempt was particularly sophisticated because it wasn’t asking you to submit information, instead it wanted you to click a link to “verify” your email address.  However, there were some ways to tell this email wasn’t legitimate:

 

  • The email came from Penn.Online@upenn.edu, which is not affiliated with ITS.
  • If an email is sent to you directly and not to a list, ITS will identify you by name and not by email address.
  • ITS always signs their emails, so you should recognize who is sending it
  • The “Verify Email” link was pointing to “http://mail-exchange-upenn-edu.satfoundation.org/owa/auth/”, but all Penn websites will have a .edu address and not a .org address.

 

If you are unsure whether an email is legitimate, please don’t hesitate to give us a call or email itshelp@law.upenn.edu.

Latest News

  • Image preview
    As an instructor, you can verify all external links throughout your course to ensure they are valid. You can check these links using the course link validator, which searches through course content and returns invalid or unresponsive external links in both published and unpublished content.
  • Image preview
    Join us Friday, January 22 at noon in Gittis 213 to learn how you can get started using Poll Everywhere. This solution is available to all Penn Law faculty and staff for unlimited polls.