Don’t worry though, this time was just practice.  UIndyIT regularly conducts phishing simulations to test the effectiveness of the University’s training exercises.

Phishing attacks like this one represent one of the biggest threats to the University, our employees and our students.  It’s important to understand the telltale signs of a phishing attack.  In this simulation, there are several things that should give it away.

1. Email address - The sender is not from a uindy.edu address.
2. Grammatical error.
3. Domain name - The link is to a fraudulent domain. While it closely resembles the University’s official domain name, it is most definitely not uindy.edu.
   1. Navigate and hover manually over any provided links within emails to view what URL is really being linked.
   2. Never click links in emails; instead, go directly to the official website in a browser to check for alerts.
4. Closing - incorrect school is listed.

This illustration highlights just a few common ways you can detect a scam.  But there are others, play this quick game to learn how to identify several types of phishing scams: https://phishingquiz.withgoogle.com/.

To learn more about phishing, and to see recent trends in phishing scams, learn how to Protect yourself from phishing.