The UBC Cybersecurity team has initiated a campus-wide self-phishing campaign designed to educate all UBC employees on the dangers of falling for a phishing email. To put your mind at ease, your UBC login credentials have not been compromised and your password has not been recorded. The collected results from this exercise are confidential and will not be shared with your manager or any of your co-workers.
Real World Consequences
What could have happened if this was a real phishing message initiated by a criminal? In some cases, the message links to a very convincing-looking copycat website which, when visited, could record any information you enter afterwards; usernames and passwords, personal information, credit card details, and transaction numbers.
Another possibility is that the link or an attachment in the message would initiate a virus or spyware to be downloaded to your computer which could eventually lead to the criminal sending emails to even more victims while pretending to be you.
How Could You Have Known This Was a Phishing Email?
Your browser does not support the video tag.
What to do next
Check out these other valuable resources:
Learn more about how to spot "fishy" emails in your inboxLearn how to report phishing attempts
Learn about 'spear phishing' emails
Complete the full Fundamentals training to learn how to protect yourself and others