September 5, 2022
Phishing emails, with malware and dangerous links embedded in them, increase at the start of each semester. Why? Cybercriminals know that new faculty, students, and staff do not yet understand what to expect from UF emails, and whether asking for GatorLink password information in an email is standard conduct. (It isn’t.)
In addition to phishing, social engineering includes deceitful activities like spear phishing, smishing, tailgating, and doxxing. Make time to review the Information Security Office’s
social engineering webpage and become familiar with techniques that cybercriminals use. To help the UF community better understand phishing, Dr. Amanda Phalin, Faculty Senate chair and senior lecturer in Warrington’s Management Department, recorded this video, which explains what it is and how it works.
In the past 12 months, UFIT’s security detection systems have caught 98.5% of phishing messages sent from outside the university. Still, some phishing emails do get through. That’s why being vigilant about what you click on is so important. The phish alert report button in GatorMail lets you report suspicious messages. If you receive an email you suspect is a phish, highlight the email and click on the phish alert report button. This action sends the potentially malicious email directly to the Information Security Office so staff can investigate. Emails from outside UF are marked with the [External Email] banner. Apply extra caution when you see this banner, especially if they purport to be from someone at UF.
Have a great semester and GO GATORS!