Recently, Drake has seen an increase in phishing emails designed to look like they have been sent by senior administrators, such as President’s Council members or Deans, to members of that person’s staff.

Often these messages indicate that the supposed sender needs the receiver to take some sort of discrete action and specifically requests that the receiver not call them, but respond via email. The body of a recent message of this type said simply:

“Do you have a moment? I have a request I need you to handle discreetly. I am going to a meeting, no calls so just reply to my email. I will be glad if you reply to this email as soon as it gets to you.”

They often appear hastily written and urgent, and ask the receiver to take immediate action. These are the signals that should remind you to slow down and take a closer look.

Before taking any step, use another channel to confirm the request is from the person who appears to be the requestor. Manually type the presumed sender’s email address in another email message (rather than just replying to the initial email) and ask for confirmation. Using the chat feature in Microsoft Teams or sending a text message, if you have the person’s cell phone number, are also effective alternate-channel communications.

Messages that ask you to take urgent action should be treated with caution. Cyber criminals want you to feel pressured to move quickly and they are skilled at creating a sense of urgency. Your best response is to be cautious of unexpected or out of character email messages and confirm their legitimacy before taking action.

ITS will be continuing phishing education this month using emails that mimic real attacks. A short training lesson will be assigned to any faculty and staff who repeatedly click links or open attachments in phishing emails, simulated or not.

For additional information on how to report phishing emails, please see the IT Service Portal guide, Reporting a Phishing Message (How-to).

— Information Security, ITS