2019 GRCC Phishing Campaign
Are YOU prepared to catch the phishing email?
Soon, the GRCC Information Security Team will be releasing a phishing email to all of GRCC Staff. IT Security plans to REWARD the department with the lowest number of click-rates based on the results of the phishing email.
Tips to Identify Phishing Emails
- Be cautious of time sensitivity within an email. Due dates or limited times of duration to reply/take up an offer can be indicators of phishing. Attackers want your information and they want it fast.
- Hover over links in emails before clicking them. (The true destination is in the lower left corner of the open window)
- Double check the URL is legitimate before submitting credentials (username, password) to a web-page. If the name, or acronyms of a site are nowhere to be found, it is highly likely you are NOT on the true website.
- Be sure the email from a friend/colleague is authentic; Remember that their email could have been compromised or spoofed. Does the email sound like them? Were you expecting the email from them?
- If you’re not expecting a document/PDF/link, DON’T open it. If you know the individual, try contacting them in some other way that is not email (i.e. phone or in person) to determine if it’s safe.
- GRCC will never ask you for your username and password. Be wary of any email, whether it be from GRCC or not, that does ask you for this information.