Skip to main content
Visit Remote Work Tools & Guidelines and Student Remote IT Support for details on working remotely under the University's Coronavirus (COVID-19) recommendations
Penn Information Systems & Computing Systems Home

Search form

  • Find my LSP
  • Penn
System Status
  • Get Started
    • IT Staff
    • Faculty
    • Staff
    • Students
    • Alumni & Guests
    • ISC Staff
  • Services
    • — Services A to Z —
    • Accounts, Access & Security
      • Access Management Services
      • Active Directory
      • Identity Management Services
      • Information Security Services
    • Applications & Data Analytics
      • Application Development & Delivery
      • Data Analytics
        • Data Analytics at Penn
      • Integration Development & Delivery
    • Backup, Storage & Platforms
      • BackItUp
      • Backup for Desktop & Laptop
      • Cloud Solutions
      • Data Center Services
      • Database & Middleware Services
      • Endpoint Management
      • Recovery Services
      • Storage
      • Virtual Desktop
      • Virtual Server Hosting
    • Community, Support & Learning
      • Classroom Technology Services
      • Desktop Engineering
      • IT Community Events
      • Knowledge Link
      • LinkedIn Learning
      • Provider Support Services
      • Tech Center
    • Consulting & Professional Services
      • Brokered Products
      • HireIT
      • Systems Support & Consulting
      • Technology Forecasting
    • Email, Calendaring & Collaboration
      • Classlists
      • Penn Email Routing
      • Penn+Box
      • PennNet Mailing Lists
      • PennO365
      • PennZoom
      • SMTP-Relay
      • Secure Share
    • Networks & Connectivity
      • Firewall Services
      • Network Design & Installation
      • Network Names & Numbers
      • PennNet
        • MAGPI (Penn's Internet2 Regional Optical Network)
      • PennNet Ethernet Ports
      • Wireless at Penn
    • Phone, TV & Video
      • Broadcasting Studio
      • Contact Center
      • Live Video Streaming
      • Penn Video Network
      • PennFlex Phone
      • PennNet Phone
      • Traditional Telephony
      • Video Content Management
      • Video Production
        • Producing Video Content
    • Web Hosting
      • Web Services
    • — Service Rates —
    • — Service Level Agreements —
  • Security
    • Office of Information Security
    • Security Services
    • Special Projects
    • Policies & Procedures
    • Training & Awareness
  • Collaborations
    • Engaging Penn’s IT Community
    • Identity & Access Management
    • Cloud First
    • Next Generation Unified Communications
    • IT Advisory Groups
      • Common Solutions
      • IT Roundtable
      • Network Policy Committee
      • Penn Technology Investment Committee
        • About PTIC
    • Special Interest Groups (SIGs)
      • Audio-Visual (AV-SIG)
      • Cloud Computing (Cloud-SIG)
      • Data Visualization (DataViz-SIG)
      • Developer SIG (Dev-SIG)
      • High-Performance Computing (HPC-SIG)
      • Instructional Technology SIG
      • Linux SIG
      • Macintosh Networking Group (MacNet)
      • Mobile Technologies (Mobile-SIG)
      • O365 Special Interest Group
      • PC Networking Group (PC-Net)
      • Project Partners SIG
      • Security SIG
      • Social Media SIG
      • Splunk Special Interest Group
      • Super User Group (SUG)
      • Web SIG
    • Technology Services Strategy Review Board
  • News
  • Events
  • About
    • Overview
    • Leadership & Groups
    • Purpose & Values
    • Strategic Goals
    • Recognition
    • Tech Jobs @ Penn
    • Contact Us
  • Hot Topics
  • Get Help
    • Support Center
    • Contact ISC Client Care
    • Rates for All Services

You are here

Home » Phishing Teachable Moment - Attachment W2

Phishing Teachable Moment - Attachment W2

Oops! You fell for a phish!

This is a simulated phishing exercise by your Center.

If this had been an actual attack, clicking on the attachment would have downloaded a malicious code (malware), sent you to a dangerous site and exposed your system to ransomware, steal your information and identity, attack your contacts or files, or another cybersecurity threat. 

How to recognize a phishing email:

  • The sender may not be legitimate. Don't trust the FROM field - it can be spoofed. 

Sometimes phishing messages even spoof the TO field. Read the FROM and TO fields carefully. 

  • An enticing subject line to lure you to read the message.

The subject line may indicate an account deactivation or service cancelation or winning a prize or a request for information. In this phishing email, the subject line indicates important tax information needed during tax filing time. 

  • Impersonal greetings.

Generic greeting. If the email is not addressed to you in person, e.g., addressed to "staff" instead of your name or doesn't include a greeting. The signature is vague, provides wrong contact information or lacks the sender's contact information. 

  • Grammatical and spelling errors.

Noticeable grammatical, spelling and stylistic errors in the email message. The overall wording and "voice" seem a bit off. 

  • The email message elicits an action

Request to click on a link, open an attachment or provide sensitive information. In case of a link, hover your mouse over the URL, does the link look familiar? If it is an attachment, check with your School or Center IT support staff if the email message claims to be from a Penn entity before you click on an email attachment you were not expecting. 

For Questions about this simulated phishing exercise, please contact Victoira Iannotta at iannotta@upenn.edu. 

_________________________________________________________________________________________________________

The following image highlights the phishing clues in the simulated phishing message:

FRES phishing campaign teachable moment

Share:

  • Facebook
  • Twitter
Print
InfoSec Home
Resources
  • Phishing & Spear Phishing
  • Email Headers
  • Phishing Email Messages Seen at Penn
  • InfoSec Awareness & Training
  • Phishing Teachable Moment - Notice: Order Confirmation 
Contact InfoSec
  • Computing Policies
  • Tech Jobs @ Penn
System Status

© 2021 THE UNIVERSITY OF PENNSYLVANIA — 3401 Walnut Street, Philadelphia, PA 19104 — Report accessibility issues and get help — For ISC Staff