Phishing – when a cybercriminal poses as a legitimate party in hopes of getting someone to engage with malicious content or links – remains one of the most popular tactics among cybercriminals today. In fact, 80% of cybersecurity incidents and 90% of data breaches stem from a phishing attempt.
The signs can be subtle since phishing messages have become more sophisticated but once you recognize a phishing attempt, you can avoid falling for it.
Here are some quick tips for how to clearly spot a fake phishing email, text, or call:
- An offer that sounds too good to be true, like a financial reward
- Urgent, alarming, or threatening language
- Poorly written messages with misspellings and bad grammar
- Generic or ambiguous greetings
- Requests to send personal information
- Strange or abrupt business requests
- False claims that someone is in need of help
- Urgency to click on unfamiliar hyperlinks or download files
- Email addresses that don’t match the company name
We all have a huge role to play in protecting the University of Chicago. If you think you have spotted a phishing attempt, report the incident to our IT team by using the Report Phish button, available in UChicago Outlook and UChicago Gmail, or send an email to security@uchicago.edu. Your quick thinking may help others avoid becoming victims of a cybercriminal.
Learn more about common phishing scams and traps.