Going somewhere fun this summer? Attackers are hoping you’ll also take a vacation from protecting your valuable accounts and personal information. Summer is traditionally high season for scamming, and this summer is shaping up to be a hot one, with active campaigns swirling around purported security incidents at trusted organizations, vacation bookings, and the World Cup.

No matter where you’re checking messages, whether at the local pool or from an exotic destination, slow down and take a closer look to make sure your plans don’t get disrupted.

Here are some indications that an email may be dangerous:

• A strange sender, or one that you don’t expect
• A request that you take ‘urgent’ or ‘immediate’ action
• Links or attachments that don’t match the message content or that you don’t recognize.

ITS will continue to send out simulated attacks to faculty and staff this summer. If you receive any email that you suspect is phishing, don’t click any links, download any attachments, or reply. Instead, forward the email as an attachment to informationsecurity@drake.edu.

Additional training will be assigned to faculty and staff members who repeatedly click links or open attachments in phishing emails, simulated or not.

For more information on how to report phishing emails, see the IT Service Portal guide, Reporting a Phishing Message (How-to).

— Peter Lundstedt, ITS