UCR Information Technology Solutions is committed to protecting you and your data.
We would like to remind you to stay vigilant against potential phishing attacks and other cyber threats.
What is email phishing?
With electronic mail being a mainstay of personal and professional communication, malicious actors often utilize email in an attempt to steal personal or private information. Phishing emails are crafted to look legitimate but contain malicious programming or content used to capture sensitive data, which can put you and your workplace at risk.
How do I identify email phishing?
Fortunately, there are simple ways to spot a phishing email. Here are some warning signs to look out for:
Bad grammar or punctuation
Strange fonts or paragraph spacing
Slightly modified email addresses
Forms that ask for sensitive information like usernames and passwords Links to strange websites Requests for money from what appears to be a “trusted” person
Language that creates a sense of urgency or ultimatum (i.e., "If you do not respond immediately you will be sent to collections")
Over the past few months, ITS has been running a campaign to increase awareness of phishing by sending lure emails to campus users. Each of the emails provided a learning opportunity to help the recipient identify malicious emails in the future.
The videos below show each of the emails that were sent to campus users and what the issues with the emails were. You can view any of the videos by clicking one of the links below:
Take extra care before opening emails or clicking on links that seem suspicious. If it looks odd or too good to be true, it probably is. Email phishing is a very common method hackers use to access protected systems.
Ensure your devices are running the latest software updates. This includes updating your mobile phones, tablets, computers, Wi-Fi routers and any other Internet-attached devices
Keep ITS in the loop! If you receive a suspicious email, send it as an attachment to firstname.lastname@example.org. You can find step-by-step instructions in the Knowledge Base (kb.ucr.edu - search ‘email phishing’)
Concerned about an email?
If you’re concerned about the legitimacy of an email, we encourage you to:
Create a new email and send it to the official UCR address of the purported sender to verify its legitimacy (visit UCR Profiles for official contact information)
Pick up the phone and call the purported sender to verify its legitimacy
If you have considered the above steps and believe the email to be phishing, notify the ITS Information Security Office by providing the suspicious email as an attachment in your email to email@example.com (view step-by-step instructions on the ITS Knowledge Base: KB0011368)