Don’t worry though, this time was just practice.  UIndyIT regularly conducts phishing simulations to test the effectiveness of the University’s training exercises.

Phishing attacks like this one represent one of the biggest threats to the University, our employees and our students.  It’s important to understand the telltale signs of a phishing attack.  In this simulation, there are several things that should give it away.

1. External warning - The sender is not from a uindy.edu address. Google identifies this with a yellow External warning notice.
2. Email address - The email address is not the address used by Google Docs for sharing notifications.
3. Spelling errors and inconsistencies- The file name is spelled incorrectly.
4. Domain name - The link is to a fraudulent domain. While it closely resembles the University’s official domain name, it is most definitely not uindy.edu or google.com. Additionally, phishing emails often hide the actual destination. Hover over the link to preview the link’s destination.

This illustration highlights just a few common ways you can detect a scam.  But there are others, play this quick game to learn how to identify several types of phishing scams: https://phishingquiz.withgoogle.com/.

To learn more about phishing, and to see recent trends in phishing scams, learn how to Protect yourself from phishing.