Detailed Information
Signs of phishing
The following are indicators that a message might be phishing, but these indicators might not be present and if they are present it isn’t conclusive that the message is phishing:
-
Misspellings or bad grammar
-
A sense of urgency to get you to act quickly
-
Indicates something is wrong with your payment, account or service;
-
Unexpected sender
-
Phishing appears to be coming from one address but the sender is really from another. (eg .com)
-
Unexpected content
-
Contains a secure or encrypted message that may be fake
-
Links require you to sign in. These links might bring you to login pages without lock/https
-
Asking you to perform a task you don’t normally do or purchase products that you might not have
-
Sends you to another communications channel - for example, phone, text, or a different email address
Phishing Techniques to Trick You
Some phishing messages may not be so obvious and are much harder to spot as they may
Might have logos, University images or log in pages that look familiar. Scammers can easily “scrape” (copy) an image from a UMS site and include it in the email.
Might be sent from a bona fide maine.edu address if that persons’ account was compromised.
Might be sent from a vendor’s account that has your information. Vendors are subject to being phished and those accounts are used to contact customers that can be identified by email. In such situations, context is often conveyed. and valid looking signature blocks can be used.
Phishing Training
Are you interested in training that tests your ability to recognize a phishing attempt?
The University offers an opt-in training that will periodically send you simulated phish email. You will receive feedback on whether or not you fell victim to the fake attempt. You may cancel participation at any time.
Contact infosecurity@maine.edu and request Phishing training.
Other Related Phishing Articles
Environment
- Phishing can be sent via email, text message, or phone calls.