Overview
To maintain the safety and security of the University and its data, it’s important that every student and employee practices safe computing and online habits. To assist in this endeavor, ITS recently simulated a phishing email to determine how many employees unwittingly clicked the "unsafe" link (the link in this email was harmless, but users should not have clicked it). A phishing test was sent to faculty, staff, and students on Wednesday, February 8, 2018 with the subject line Survey.
There are several clues that this was not a legitimate email:
- It was not sent from an @UWF.edu email address. Instead, the email was sent from helpesk@itdeptsurvey.com.
- The from address has a typo. It reads helpesk instead of helpdesk. It’s common for phishing emails to have incorrect spelling and typos.
- When you hover the mouse over the Enter Now button, you’ll notice the link is not a UWF link or a link to survey software supported by UWF.
- The ITS Help Desk does not typically offer monetary rewards for completing surveys, and it's common for scammers to offer incentives.
- The email does not have any of the usual branding or logos of an ITS Help Desk communication (though malicious emails may sometimes contain official logos from an organization).
- The subject line is generic and not descriptive.
Results
Of the UWF email accounts that received the email, 35% (and counting) clicked the unsafe link. Please do your part and always remember to think before you click! We appreciate your continued vigilance in maintaining a safe and secure computing environment.