June 14, 2021
“We have placed a hold on your Amazon account and all pending orders…Please update the payment information for your order.” An email with Amazon’s logo, font, and language must be legit, right? Wrong! Even if you think you are a pro at spotting a phish, some in circulation now are extremely sophisticated.
Why does this matter? Clicking on a link in a phishing email can allow cybercriminals access to your accounts, credit card information, and even photos stored on a cloud app. Next thing you know, those stolen photos show up on fake Instagram accounts and dating profiles–and your significant other is not happy about it! Besides gaining access to photos and credit cards, clicking on a phish potentially enables a data breach at UF. It happens every day in higher education, at hospitals, and corporations. One example is at Anthem, the second-largest health insurer in the U.S. An employee clicked on a phishing email and this one click allowed a cyberthief to steal personal information of 78.8 million Anthem customers. The cost to remedy this breach is over $115 million.
UFIT has two videos to help you determine between a legitimate email and a phish: