Posted on: October 29, 2019
Today, we were going to post another #NCSAM tip about staying safe in a digital world. Were we able to? No, spammers had other plans for us. For the third day, Thompson Rivers University was hit with yet another spam and phishing email, trying to get users to give up their credentials.
What did our clients and users say to them?
Not today Bad Guys!
Today’s splat was sent to over 1500 TRU email addresses. Of those 1500+, 50 people forwarded it to firstname.lastname@example.org, within minutes and we received several phone calls about it. Within an hour, we had over 100 responses, with questions about the legitimacy of the email.
Did TRU’s IT Service Desk send it out? Of course not. We would never, ever, ever, ask you to verify your TRU email account by sending you to a link external and unrelated to TRU in any way.
So, we’d like to take this time to thank each and every one of you for NOT clicking on the link that was contained within the spam message. Oh, you clicked on the link? While we managed to block this link from the TRU network right away, links can be very dangerous when received from someone you do not know. It’s best NOT to click on them until you have verified the identity of the sender. If you are at all unsure, send it our way and we will happily verify it for you. And, we mostly promise not to tell the sender that you spam checked their email. Better safe than sorry, right?
Remember: when in doubt, send anything that is suspicious or out of character for the “sender” to infoSecurity@tru.ca and we’ll take a look at it for you. We’ve got tools and special precautions put into place to help protect the systems while investigating.