Breadcrumb

Cybersmart Banner

Do your part - Be Cybersmart!

UCR Information Technology Solutions is committed to protecting you and your data.

We would like to remind you to stay vigilant against potential phishing attacks and other cyber threats.

Phishing

What is email phishing?

With electronic mail being a mainstay of personal and professional communication, malicious actors often utilize email in an attempt to steal personal or private information. Phishing emails are crafted to look legitimate but contain malicious programming or content used to capture sensitive data, which can put you and your workplace at risk.

How do I identify email phishing?

Fortunately, there are simple ways to spot a phishing email. Here are some warning signs to look out for:

  • Bad grammar or punctuation
  • Strange fonts or paragraph spacing
  • Slightly modified email addresses
  • Forms that ask for sensitive information like usernames and passwords Links to strange websites Requests for money from what appears to be a “trusted” person
  • Language that creates a sense of urgency or ultimatum (i.e., "If you do not respond immediately you will be sent to collections")


For more information on identifying phishing emails, check out our Tips for Spotting Phishing Emails aid.

ITS Email Phishing Awareness Campaign

Over the past few months, ITS has been running a campaign to increase awareness of phishing by sending lure emails to campus users. Each of the emails provided a learning opportunity to help the recipient identify malicious emails in the future.

Phishing Emails


Videos

The videos below show each of the emails that were sent to campus users and what the issues with the emails were. You can view any of the videos by clicking one of the links below:

To see a recap of our phishing campaign and how well UCR did compared to other organizations, view the recap video below:


Additional Resources

CyberSmart Tips
 

Mouse

Take extra care before opening emails or clicking on links that seem suspicious. If it looks odd or too good to be true, it probably is. Email phishing is a very common method hackers use to access protected systems.
 

 

Padlock

Be sure to use UCR’s VPN at https://campusvpn.ucr.edu when working. You can find VPN guidance in our ITS Knowledge Base (kb.ucr.edu - search ‘VPN’).
 


 

Progress Bar

Ensure your devices are running the latest software updates. This includes updating your mobile phones, tablets, computers, Wi-Fi routers and any other Internet-attached devices

 

Email

Keep ITS in the loop! If you receive a suspicious email, send it as an attachment to abuse@ucr.edu. You can find step-by-step instructions in the Knowledge Base (kb.ucr.edu - search ‘email phishing’)

Concerned about an email?
 

Warning

If you’re concerned about the legitimacy of an email, we encourage you to:

  • Create a new email and send it to the official UCR address of the purported sender to verify its legitimacy (visit UCR Profiles for official contact information)
  • Pick up the phone and call the purported sender to verify its legitimacy
  • If you have considered the above steps and believe the email to be phishing, notify the ITS Information Security Office by providing the suspicious email as an attachment in your email to abuse@ucr.edu (view step-by-step instructions on the ITS Knowledge Base: KB0011368)