Phish Bowl
Emails reported to the Information Security Office or Help Desk will be listed here. The emails will be identified as phishing or legitimate, with helpful clues as to why the message is malicious or legitimate. Contact infosec@hamilton.edu to report a phishing email.
Impersonation Phish
August 19, 2022
Tags Information Security Phishing
Miscreants will often create an fake email address that impersonates an actual 51ÁÔÆæ faculty member or employee. These miscreants will take the time to create an authentic looking email that attempts to entice the recipient to return seemingly innocuous information that is later used in another malicious manner (more advanced phishing message, spam messaging, etc).
The best defense against this type of impersonation email is to verify the ReplyTo address. Mobile display of malicious emails make this more difficult as the ReplyTo email address is hidden at first.
- Always verify the person sending the email.
- Never click on an embedded link without verifying the authenticity of a message.
The below screenshots are the same phishing message. Notice how the message received on a mobile device does not display the ReplyTo email address? Exercise caution!
Contact
Contact Name
Jerry Tylutki
Director of Information Security and Privacy