Skip to main content

Phishing

In This Article

Scam Messaging and Impersonation 

Scams can come in email, text, phone calls or messaging apps.

Be aware of any communications that attempt to manipulate you into giving up information about yourself, others or the university or ask you to take any action with data or money (gift cards are a common request). Often these types of messages attempt to impersonate people you know or people in a leadership position. Always verify through another source if you are being asked to make any purchase or provide information.

Here is a quick video with some pointers. 

Security Snapshots

 

Here are a few recent examples of scam messages to avoid.

Email Example 1
SMS Example 1
Email Example 2
SMS Example 2

 

Phishing Awareness 

Email phishing is the favorite tool of criminals. The bad guys are using phishing attacks for nearly every cybercrime on their list. Identity theft, ransomware, extortion, financial fraud and nearly all major breaches in the news start with a phishing email. The COVID-19 pandemic in particular saw a massive surge in phishing that attempted to exploit people's views or fears of the virus. 

Olivet has partnered with the company KnowBe4 to provide resources for training on how to identify and avoid Phishing emails.

KnowBe4

Below is a video provided by KnowBe4 at the height of the Covid-19 pandemic. The information is still relevant about how attackers exploit circumstances to trick you into giving up information. 

 

Phish-Fridays 

Olivet has partnered with KnowBe4 to implement Phish-Fridays. 
Every Friday, a rotating portion of ONU mailboxes will receive simulated phishing emails that are based on real-world phishing attacks. If you click on the link in the email, you be directed to a dynamic KnowBe4 page with advice on how to spot Phishing emails and some red flags in the simulation you received (example below).

red flags

 

 

What Is In the KnowBe4 Training? 

KnowBe4 offers a whole suite of cybersecurity training that includes topics beyond phishing, so there could be many other resources that are available to you. However, phishing awareness will be available to everyone within the KnowBe4 portal.

Dashboard

The dashboard shows a snapshot of your activity related to phishing simulations, an overview of your assigned modules and your ONU account's risk exposure based on your actions and position in the university. 

Dashboard

Training

The training tab shows you the modules that are assigned to you. These could be videos, interactive training modules, security assessments or other content. From this page you can start or resume any of the content that is available to you. 

Training

Library

This section shows content that is not assigned to you, but is available to everyone to complete at any time. By default, everyone should have access to a few interactive games that are fun ways to learn about some security concepts. 

Library

 

How Do I Report Phishing Messages? 

Use the Phish Alert button.
The Phish Alert button will report offending messages to our security team and the KnowBe4 system. 

Where is the Phish Alert Button?

The Phish Alert button is in different places depending on how you are reading your email. In general, you need to be using one of Microsoft's products: Outlook for Windows, iOS or Android or through email.olivet.edu. Below are a few pointers on where to find the Phish Alert button. 

Outlook for Windows: 

Method 2

 

Outlook Web Access 

or

New Outlook

OWA - PAB

If you do not see this icon, you will need to add it. See this video. 

Outlook app on iOS

iOS

Outlook app on Android

Android