Information Security at the University of Hawai‘i

Phishing: Don't Get Hooked!

Phishing is one of the biggest cyber security problems at universities around the country. Anyone can be targeted by a phish; your actions are the most effective way to stop these scams.

When viewing e-mails, websites, or texts, be sure to S.E.A.R the phish: Stop, Examine, Ask, Report.

  • Stop!: Phishing messages may include urgent requests or require immediate action from the user. These requests are usually followed by threats of account closure or other similarly alarming consequences. Panic is one of the main reasons these phishes work. Stop, calm down, and take a closer look at these messages before taking action.
  • Examine the message, including all links and attachments: While phishes can contain easy-to-spot grammatical errors, they can also have convincing aesthetics like logos, legitimate links, phone numbers, and email signatures. Before clicking on links, even if it's an email from someone you know, make sure the link doesn't go to an unknown site. As a rule of thumb, do not open attachments from unknown sources. Malware can be hidden in nearly any file format, even in pdf and word document files.
  • Ask around for verification: Check the sender's e-mail address to make sure it's legitimate. When in doubt, ask the sender about the message. You can also ask others if they have received the same or a similar message; phishers will often send the same email to many recipients at once.
  • Report phishes as soon as possible! Forwards of the phish can be sent to phishing@hawaii.edu. Quick reports will allow ITS to block the phish and prevent many users from becoming compromised.

When I'm in doubt, I throw it out! Deleting suspicious emails and ignoring questionable links and posts is just common sense.

Source: STOP. THINK. CONNECT. When in Doubt poster

US-CERT Vulnerability Alerts

The United States Computer Emergency Readiness Team (US-CERT) provides the latest updates about current threats and vulnerabilities. You can subscribe to their feed to get the latest updates about ongoing vulnerabilities and other cyber threats.

Visit https://www.us-cert.gov/ to learn more.


Don't Fall for Phishing:
Stop. Examine. Ask. Report.
S.E.A.R. the Phish

SEAR the Phish Logo
SEAR the Phish

Stay Informed! Follow us and like us:

Twitter Logo Twitter     Facebook Logo  Facebook