Compliance and Privacy: Phishing - Email

Expired

Phishing is when attackers send fake emails designed to trick people into falling for a scam. The intent is often to get users to reveal financial information, company data, system credentials or other sensitive information. They can also trick you into downloading a virus, and often they pretend to be someone you know.

96% of phishing attacks arrive by email. Another 3% are carried out through malicious websites and 1% via phone. When it is done over the telephone, it is called vishing and when it is done via text message, it is called smishing.

emotions sm

Top 10 Common Signs of a Phishing Attempt:

  • An Unfamiliar Tone or Greeting
  • Grammar and Spelling Errors
  • Inconsistencies in Email Addresses, Links and Domain Names
  • Sense of Urgency – ACT NOW, IMMEDIATE ATTENTION NEEDED
  • Suspicious Attachments and Pop ups
  • Unusual Request
  • Inauthentic or amateurish logos in email signatures
  • Recipient Did Not Initiate the Conversation
  • Request for Credential, Payment Information or Other Personal Details
  • Threats – LAST WARNING, ACCOUNT SUSPENSION

Examples of phishing attempt:

Phishing example

This is problematic due to:

  • Name and email do not match
  • Unexpected funds related request
  • Internal name from an external sender

Phishing example

This is problematic due to:

  • Name and email do not match
  • Sense of urgency
  • Unknown sender

How To Report a Phishing Email:

  • Click on the Report Phish Button in the toolbar of the email message:

Report phishing

  • If you’ve clicked on a bad link or given out your username or password, contact ITS Helpdesk immediately at 512-854-9175.

How To Protect Yourself:

  • Don’t Forward, Reply, or Interact with a suspicious email
  • Protect your computer by using security software
  • Protect your mobile phone by setting software to update automatically
  • Protect your accounts by using multi-factor authentication
  • Protect your data by backing it up

If you would like general information about HIPAA, click to view the HIPAA page. Or, if you would like information regarding Travis County’s HIPAA Policies, or to report a suspected privacy concern, contact the Travis County Compliance and Privacy Officer.