Oops! Looks like we tricked you this time...
You clicked on a TEST phishing email.
Don’t worry, this is an authorized phishing awareness exercise conducted by Information & Technology Services (ITS). This is not a true phishing attack and your information remains secure.
Please review the information below to learn how to protect CPS data and your own private information from future phishing attacks.
Once you’ve reviewed this information, please click the “Acknowledge” button at the bottom of this screen.
Tips To Avoid A Phishing Attack
A phishing attack is a fake email designed by cyber attackers to look like it’s coming from a trusted brand, institution or person - including a CPS colleague.
The goal of the fake email is to get you to give up sensitive information. That typically happens one of two ways:
- You voluntarily give away information by responding to the scammers request; or
- The scammer pushes a virus or malware to your device - be it computer, tablet or mobile phone - through the link or attachment.
Once an attacker has your personal information, financial data or account logins, the information can be used to infiltrate your accounts, resulting in the theft of money, identity or even more personal information.
The best way to defend yourself against a phishing attack is to learn to spot a phish.
Tips To Avoid A Phishing Attack
A phishing attack is a fake email designed by cyber attackers to look like it’s coming from a trusted brand, institution or person - including a CPS colleague. Or in this case, from Dropbox. Which, if you’ll recall, is expressly prohibited for use per the Acceptable Use Policy.
The goal of the fake email is to get you to give up sensitive information. That typically happens one of two ways:
- You voluntarily give away information by responding to the scammers request; or
- The scammer pushes a virus or malware to your device - be it computer, tablet or mobile phone - through the link or attachment.
Once an attacker has your personal information, financial data or account logins, the information can be used to infiltrate your accounts, resulting in the theft of money, identity or even more personal information.
The best way to defend yourself against a phishing attack is to learn to spot a phish.
Protect Yourself: Spot the Phish
Check out these tips and watch our to see demonstrations of how to put these tips into practice.
1 Who is the real sender?
Does the organization the email is supposed to be from match the address inside the " < > ?" Most phishing attacks are sent from an individual email account that has nothing to do with the organization, or it’s close to the real thing...but not close enough.
Also check the salutation and footer of the email. Beware of generic greetings and footers that don’t contain company information, like an option to unsubscribe or the company's physical address.
Scam: Support@dropbox-alerts.com
<support@dropbox-alerts.com>
Legit: Dropbox
<xxxx@dropbox.com>
2 Does the URL go where it should?
Use your mouse to hover over the link to check the URL. The most effective tool we have to defend ourselves against phishing attacks is the mouse hover. It tells where any hyperlink or button in an email wants to take you without having to click the link.
Note: When you hover over a link, the URL will display in the lower-left corner of the screen. The URL that appears here is really where you’ll go if you were to click the link.
3 What information am I being asked to provide?
Legitimate companies will not ask you to provide personal or sensitive information via email.
Nor will legit businesses or people ask you to buy gift cards for them. No one at CPS will ask you to buy gift cards!
Are you available? I need your help to buy Visa gift cards. Please buy $200 in cards and email me the serial number on the back of the card. Thanks!
4 I received a suspicious email. What should I do?
If you suspect you received a phishing email, please report it to ITS by forwarding the email to ReportPhishing@cps.edu.
Do not click on links, open/download attachments or respond to suspicious emails! Report the email and forget it.
Reporting a scam email allows ITS to block it from the CPS network.
