Don’t feel embarrassed about clicking that link – it happens to everyone, even IT pros! Our simulated phishing email was designed, just like the real ones, to get you to click that link.
Cybercriminals use a variety of tricks to prey on unsuspecting folks and get them to willingly provide information like:
- Usernames and passwords
- Banking details
- Credit card numbers
- And more.
Wharton Computing is engaging in this phishing exercise to help you avoid the real thing.
Anatomy of a Phish
There are some quick ways to identify a potential phish that can save you a lot of worry. Let’s dissect the email that landed you here in the first place for phishing signs:
A. There isn’t a group called “The Computer Support Center” here at Penn, though that doesn’t sound too odd. The email is building a sense of urgency, so you don’t pause to examine it closely. That sense of urgency combined with the poor grammar in the last sentence of this paragraph is a strong indication of Phishing.
B. Clicking this link in the email sends you somewhere other than you expect (in this case, here!). An actual phishing email would have sent you to a PennO365 login lookalike whose sole purpose is to trick you into entering your password.
We recommend hovering over the link in your email client to see the actual address of the link (if you clicked on the link, check the address bar in your browser to make sure you’re where you should be).
Copying and pasting the URL into a browser reveals that this page doesn’t exist.
C. A couple of things to note here: that’s the wrong address for the Franklin Building (which only has 9 floors), and searching the Penn Directory reveals that no “Steve Buchanan” works for Penn.
How to avoid being a phishing victim
Sending email is cheap, which is why phishing is an effective activity. Cybercriminals send out millions and millions of these messages, and even if a very small percentage of recipients are fooled the math works out in the criminals’ favor.
Here are a few things to be on the lookout for if you suspect an email is actually a phish:
- A sense of urgency – Phishing emails are designed to make you take action before you do anything else. The cybercriminals don’t want you to think too much, or follow lists like this one!
- Mistakes and vagueness – Many phishing emails are littered with misspellings, signatures with incorrect contact information, and the wrong phrases for common internal groups (University IT instead of Wharton Computing, for example).
- Unusual links – If you do click links in an email, pay close attention to where the link is actually sending you. Many phishes will send you to a page that looks like a login screen you’re familiar with (the PennKey login, for example), but if you look at the URL bar of your browser you’ll see you’re not on any of Penn’s websites.
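The “Unusual links” check above can be automated for a whole message: extract every link, compare the address the email shows you with where the link really goes, and flag any destination that is not on one of your organisation’s own domains. The script below is an added example, not code from Wharton Computing; it assumes `upenn.edu` as the trusted domain and uses a constructed sample email.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_SUFFIXES = ("upenn.edu",)  # assumption: the organisation's own domain(s)

class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from the anchors in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = (dict(attrs).get("href") or ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(value):
    """Hostname of a URL or bare domain, lower-cased ('' if none)."""
    if "://" not in value:
        value = "http://" + value
    return (urlparse(value).hostname or "").lower()

def find_suspicious_links(html, suffixes=TRUSTED_SUFFIXES):
    """Return (href, text, reason) for every link that fails the hover check."""
    p = _LinkCollector()
    p.feed(html)
    findings = []
    for href, text in p.links:
        real = _host(href)
        # Only treat the visible text as an address if it looks like one.
        shown = _host(text) if "." in text and " " not in text else ""
        if shown and shown != real:
            findings.append((href, text, "displayed address differs from real destination"))
        elif not any(real == s or real.endswith("." + s) for s in suffixes):
            findings.append((href, text, "destination is not on a trusted domain"))
    return findings

# Constructed sample message: one honest link, then the two kinds the page warns about.
SAMPLE_EMAIL = """
<p>Your mailbox is almost full. <a href="https://mail.upenn.edu/">Check your quota</a>.</p>
<p>Verify now: <a href="http://penn0365-login.example.net/verify">https://www.upenn.edu/login</a></p>
<p>Or <a href="http://203.0.113.7/reset">reset your password</a> immediately.</p>
"""
```

Running `find_suspicious_links(SAMPLE_EMAIL)` reports the lookalike login link (shown address and real destination differ) and the bare-IP reset link (not on a trusted domain), and passes the genuine mail.upenn.edu link.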
Phishing emails are increasingly a vector for attack, but there are a few things you can do to make yourself a harder target:
- Double check the sender – Criminals can easily make it look as though an email is coming from your boss, so double check that the email is from who it seems to be from. This is doubly true if the email is asking you to do something out of the ordinary like buy gift cards, reset your password, or something similar.
- Check the email for the common signs of phishing – As outlined above, just taking a few moments before acting on an email to consider if it is legitimate will foil most phishing attacks.
- Avoid attachments – Attaching things to email is very easy, which is exactly why the criminals use the technique. Leverage file sharing services like Box and Dropbox instead of attaching things to email.
- Type in URLs – If you think an email looks suspicious, but you want to make sure the account it references is OK, just type in the URL of the service you want to log into instead of clicking on the included link.
What to do if you have been phished
Phishing emails are generally designed to do one of two things: get your username and/or password, or install some malicious software onto your computer.
The first thing you should do if you suspect you’ve been a phishing victim is: don’t panic. Stay calm. Wharton Computing is here to help you.
Secondly, inform your Wharton Computing representative as soon as possible. They will help you with the following:
- change your password(s)
- determine whether malicious software has been installed
In either case time is of the essence; the longer you wait, the harder it will be to recover.
What is Phishing?
Phishing emails are scams designed to trick you into giving cybercriminals access to your accounts or valuable information about you. They often appear to be from a legitimate source like an administrator of your email system or someone you know.
The contents of phishing messages are generally designed to create a sense of urgency by asking you to perform an action of some kind, like:
- a warning that your account may close if you don’t use your account credentials to log into their website
- a call to click on a link to address financial or other issues
- a request to update your work data
Phishing attempts are getting increasingly sophisticated and while we block many phishing attempts, no system is 100% effective. Please follow the recommendations on this page to identify, and thwart, any phishing attacks that end up in your email box.