ITS will send emails that mimic real attacks as part of its phishing education in March. As a reminder, here are some indications that an email may be dangerous:

• A strange sender, or one that you don’t expect
• A request to take ‘urgent’ or ‘immediate’ action
• Links or attachments that don’t match the message content or that you don’t recognize

Slow down and take a second look before acting. If you receive an email that you suspect is phishing, don’t click any links, download any attachments, or reply. Instead, forward the email as an attachment to informationsecurity@drake.edu.

Additional training will be assigned to faculty and staff members who repeatedly click links or open attachments in phishing emails, simulated or not.

For more information on how to report phishing emails, see the IT Service Portal guide, Reporting a Phishing Message (How-to).

—Peter Lundstedt, ITS