New approach for reporting suspicious emails

September 14, 2017


Beginning Sept. 18, UNMC will roll out a tool for reporting suspicious emails, called PhishAlarm®.

PhishAlarm is an email add-in that allows you to easily report suspicious email with a click of your mouse. When emails are forwarded using this capability, security analysts receive all of the information they need to determine if the email you reported is a real phishing attack. When the tool goes live, UNMC employees will see a PhishAlarm option in their email toolbar.

How it Works

When you receive a suspicious-looking email, either within the message preview pane or the opened message, click on the PhishAlarm option located in the Outlook toolbar and select "Report Phish" from the drop-down menu.

You will receive feedback via an immediate pop-up window or an email. The reported email will be placed into the Deleted Items folder. The reported email will be automatically forwarded to Information Security for further analysis.

What to Report
Please review the email carefully before you click on the button.

Some key things to look for:

  • Don't trust the display name. A favorite phishing tactic among cybercriminals is to fake the display name of an email.
  • Check the links. Hover your mouse over any links in the body of the email. If the link address has numbers or special characters, don't click on it.
  • Check for spelling mistakes. Companies are pretty serious about email. Legitimate messages from companies usually do not have major spelling mistakes or poor grammar.
  • Beware of urgent or threatening language in the subject line. Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your "account has been suspended" or your account had an "unauthorized login attempt."
  • Don't click on attachments. Including attachments that contain viruses and malicious software (malware) is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don't open any email attachments you weren't expecting.

Initially, PhishAlarm® will be available only for the Outlook web app online and Outlook for Windows, not on Mac or mobile apps (except for the OWA mobile app).

Questions? Please contact Information Security at infosecurity@unmc.edu.

Comments


Carol Kolar
September 14, 2017 at 10:03 AM

Truly that red caution warning gets passed along with your reply and creates a rude atmosphere when people are "real". The warning also makes it impossible to preview the email and you end up having to open email you really did not want because you can't tell what it is about. Put the warning somewhere else for us if it must be there.

Kay Wagner
September 14, 2017 at 9:42 AM

We just had a bit of a discussion this morning about the relevance of the red CAUTION note in front of every email coming from outside of UNMC. Maybe this was a necessary thing to prevent more phishing attacks, but now it's getting annoying not being able to preview the beginning of an email on a phone app to eliminate spam. Also, it is particularly bad when you have that message retained in every reply which is then for a recipient to see that his/her email was flagged for no apparent reason. Perhaps it's time to eliminate the CAUTION message since most of us got the memo.

Sarah
September 14, 2017 at 9:29 AM

That warning is the WORST! It's so distracting and startling to see that at the top of every email, in bold red letters. Wish we could remove it.

Anjella Heath
September 14, 2017 at 8:38 AM

I agree with the comment above. Every email I get from our clients outside of UNMC includes this cautionary warning. It's really awful.

Michael D Mann
September 14, 2017 at 5:56 AM

The adding of the warning that an email is not from UNMC eliminates one way of deciding that we don't want to read a suspicious email. All we get in those cases is the name of the sender, real or not. Eliminate the warning or allow us to turn it off. Thanks.