What are Phishing Emails?
People who want to steal your information can be clever. A common trick used by cybercriminals is to send you an email, which appears to come from someone you trust. The email will urge you to click on a link to verify your account, update your “expired” password, or open an important attachment.
Often these messages are marked as Urgent and contain links to sites designed to steal your information or hack your computer. Remember, UBC will never ask you to provide your password.
156 million phishing emails sent each day
80,000 people fall for a scam each day
How Can I Recognize a Phishing Email?How Can I Recognize a Phishing Email?
Phishing messages can come in many different disguises, from sophisticated deception to obvious fraud.
Watch out for these common characteristics of phishing emails:
- Non-UBC Email (“CAUTION: Non-UBC Email” indicator at the top of the body of email)
- Sense of urgency and time constraint, very brief
- Requests to verify accounts or credit card numbers
- Anything too good to be true
- Unexpected Emails
- Information mismatches
- Suspicious attachments
- Unprofessional design
*Remember: “Think before you click the link”. If you have any concerns about a message or link, don't open the message or click the link. Instead, forward it as an attachment to security@ubc.ca
What if I Accidentally Fall for a Phishing Email?
As cybercriminals get more sophisticated with their tricks, it can be harder to recognize phishing emails. If you respond to a phishing email with your password, change it immediately and notify the UBC Cybersecurity team at security@ubc.ca so we can work with you to protect your account.
If you accidentally open an attachment from a suspicious email, delete it immediately (and empty the Recycling Bin on your desktop) and send an email to security@ubc.ca to let them know about the incident.
How Do I Report a Phishing Email?
If you receive a suspicious email of any kind, please forward it as an attachment to UBC Cybersecurity at security@ubc.ca immediately. When we are made aware of a phishing campaign, we can immediately begin identifying and protecting accounts that may have been compromised.
Fast reporting from members of the UBC community has helped save many accounts from potential privacy breaches.
If you are working from a cellphone or tablet, which makes it difficult for you to forward an attachment, please just forward the email to security@ubc.ca and then follow up with the attachment at your earliest opportunity, referencing the Incident ID, which will have been automatically generated for you.