Phishing attack example poster descriptions

"You've got email...from the President! (Or is it?) What are the warning signs?"

  1. The subject is vague - it provides no information but triggers a response in the reader (subject: Important Notice).
  2. The name is correct, but why is the email address from "outlook.com" and not "uwaterloo.ca"?
  3. Would you normally receive a file to download this way? Why isn't it in SharePoint or an online department folder?
  4. Poor grammar, punctuation, and spelling are not what you'd expect to see in a message from the President.
  5. Do your job duties involve the events mentioned in the email? Why should you receive this message?

Need advice? Contact the Information Systems & Technology (IST) Security Operations Centre at soc@uwaterloo.ca.

"We all like receiving surprise packages... but don't get surprised by a computer virus. If you think an email message is suspicious, don't click on links or download attached files."

Things to consider when determining whether or not the email is a phishing attack:

  1. The email address (support@faxpost.com) doesn't match the company name, Deutsche Post DHL.
  2. Was the message sent to your individual email address or to a group?
  3. Some email readers put a suspicious message in a special folder that disables included links. This message is trying to trick recipients into enabling these links: "If the links are not working, please move message to 'inbox' folder".
  4. Moving the mouse pointer over these links shows the Polish server name "willajozenfia.pl", which doesn't match the name of the German company.
  5. Do you know anyone in Germany who would send you a package? Do you deal with German companies?

Need advice? Contact the Information Systems & Technology (IST) Security Operations Centre at soc@uwaterloo.ca.
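
Three of the second poster's checks (sender address, the server name a link really points to, and the "move message to inbox" wording) can be automated in a mail filter. The Python below is an added example, not part of the original posters or IST tooling; the expected-domain list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domains the recipient expects this sender to use (not from the poster).
EXPECTED_DOMAINS = {"dhl.com", "deutschepost.de"}

# Constructed sample modelled on the second poster; not a real captured message.
SAMPLE = """\
From: Deutsche Post DHL <support@faxpost.com>
Subject: Your package
Content-Type: text/html; charset=utf-8

<p>Your parcel is waiting: <a href="http://willajozenfia.pl/track">Track it</a></p>
<p>If the links are not working, please move message to 'inbox' folder.</p>
"""

class LinkCollector(HTMLParser):
    # Collects the href of every <a> element, i.e. what hovering would reveal.
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def in_expected(host):
    # True if host is an expected domain or a subdomain of one.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in EXPECTED_DOMAINS)

def warning_signs(raw):
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    signs = []
    sender_domain = addr.rpartition("@")[2]
    if not in_expected(sender_domain):
        signs.append(f"sender domain {sender_domain} does not match '{name}'")
    body = msg.get_payload()
    collector = LinkCollector()
    collector.feed(body)
    for host in (urlparse(h).hostname for h in collector.hrefs):
        if host and not in_expected(host):
            signs.append(f"link points to {host}")
    if re.search(r"move (the |this )?message to .{0,3}inbox", body, re.I):
        signs.append("asks reader to move message to inbox")
    return signs
```

Calling `warning_signs(SAMPLE)` returns one entry per warning sign found; a message whose sender and links all fall under the expected domains returns an empty list.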