As we begin the new year, it’s crucial that we all remain aware of the threat that email attacks pose and how to respond to them. As a reminder, here are some indications that an email might be dangerous or suspect:

• A strange sender or one that you don’t expect
• Coming from a Drake University colleague but sent from a Gmail or Yahoo account
• A request that you take urgent action
• Asking you to buy something for someone else
• Links or attachments that don’t match the message content or that you don’t recognize

Before acting on any of these, slow down and take a second look. If you receive an email that you suspect is phishing or spam, don’t click any links, download an attachment, or reply. Instead, you can block the sender from sending you additional emails using the junk mail folder option in Outlook. You can also forward the email as an attachment to informationsecurity@drake.edu and then delete it.

ITS will be continuing phishing education this month using emails that mimic real attacks. A short training lesson will be assigned to any faculty and staff who repeatedly click links or open attachments in phishing emails, simulated or not.

For additional information on how to report phishing emails, please see the IT Service Portal guide, Reporting a Phishing Message (How-to).

— Jeremy Calvert, ITS