Anatomy of a Phish: February 2022 Phishing Simulation

Did you notice this suspicious message in your inbox last week?

 

[Image: Feb22-PhishSimulation]

You did? Great work keeping Georgia Highlands College safe by reporting it to the Division of Information Technology with the Phish Alert button! Simply deleting suspicious messages is always acceptable too, of course.

Unfortunately, quite a few employees fell victim and either clicked on the link or gave out information to the simulated phishing website. This underscores why phishing is so dangerous. It only takes a momentary lapse in mindfulness or a failure to notice red flags in a message, and your identity could be stolen or malicious software could be installed on your computer.

Did you click on the link in this message? Don’t know how you fell victim to the phish? Let’s review the red flags present in this message:

1. Notice the sender’s address. The email domain (the part after the @) doesn’t match the organization in the message body and seems strange.

[Image: Feb22-PhishingSender]

2. There’s a problem with the subject line, too. It doesn’t match the email body. Do we have 8 undelivered messages or 15 undelivered messages? What’s going on here?

[Image: phishing - subject is wrong]

3. A good question! Have you ever seen this notice before?

[Image: phishing - strange message]

4. Always hover your mouse cursor over a link in a message to make sure it goes to the website you expect it to. The link in this message did not go to a Microsoft website.

[Image: phishing - bad link in message]
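For readers who want to see these checks expressed as code, the Python example below applies red flags 1, 2 and 4 to a sample message (red flag 3 depends on your own memory of past notices, so it is not automated here). This is an added example, not part of the simulation or of any Georgia Highlands College tooling; the sample message, the `.example` domains and the list of expected Microsoft domains are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not the actual simulation email).
SAMPLE = """\
From: Microsoft Outlook <notice@mail-quarantine.example>
To: employee@college.example
Subject: You have 8 undelivered messages
Content-Type: text/html; charset="utf-8"

<p>Microsoft 365: 15 undelivered messages are being held.</p>
<p><a href="https://portal.mail-quarantine.example/release">Review on office.com</a></p>
"""

# Assumption: domains accepted for a message that claims to come from Microsoft.
EXPECTED_DOMAINS = ("microsoft.com", "office.com")

class LinkCollector(HTMLParser):
    """Collects the real destination host of every <a href> in the body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append((urlparse(href).hostname or "").lower())

def in_expected(host):
    # Exact match or true subdomain; "office.com.evil.example" does not pass.
    return any(host == d or host.endswith("." + d) for d in EXPECTED_DOMAINS)

def red_flags(raw):
    msg = message_from_string(raw)
    body = msg.get_payload()
    flags = []
    # Red flag 1: sender domain does not match the claimed organization.
    if not in_expected(parseaddr(msg["From"])[1].rpartition("@")[2].lower()):
        flags.append("sender-domain-mismatch")
    # Red flag 2: message count in the subject disagrees with the body.
    subj = re.search(r"(\d+) undelivered", msg["Subject"] or "")
    text = re.search(r"(\d+) undelivered", body)
    if subj and text and subj.group(1) != text.group(1):
        flags.append("subject-body-count-mismatch")
    # Red flag 4: a link's real destination is not the expected website.
    links = LinkCollector()
    links.feed(body)
    if any(not in_expected(h) for h in links.hosts):
        flags.append("link-host-mismatch")
    return flags
```

Calling `red_flags(SAMPLE)` reports all three automated flags; note that the link check reads the `href` destination, not the visible link text, which is the same thing hovering over a link shows you.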

We’ve also added you to a cybersecurity training program in KnowBe4 so that you can review the warning signs of phishing, practice spotting red flags in email, and ace our next test in March! Please complete this short training module by the end of this month. You should already be receiving periodic reminder emails to access this training by visiting training.knowbe4.com and clicking on the Phishing Foundations course.