Spear phishing: Avoid the bait!

Information Technology
lock icon on data background
In 2023, we can no longer assume that everyone with internet access is leveraging for the greater good. In today's digital climate, spear phishing and other online fraudulent practices are leveraged daily on a global scale to target vulnerable groups.

Recognize it:   

Despite widespread best efforts to inform, this remains a rising concern today. Email phishing and other similar types of online fraud tend to follow a pattern of evolving and changing shape, becoming increasingly sophisticated as time passes.   

Recently, online scammers have begun using different variations of text-mining technologies to uncover personal information and data. Scammers start by sending deceitful, tailored phishing messages to an email account to financially manipulate with online threats and fear tactics to ensure the individual succumbs as quietly as possible to financial blackmail without raising any red flags. The possibility of being misled online by someone dishonest is more significant than ever, despite all our efforts to take the proper precautions. These misleading messages may look like your average email correspondence, but it is crucial not to be overly trusting. The emails can come from someone claiming to be a close friend or colleague as an initial attempt to gain your trust.   

Newer fraudulent messages may even contain private information that only a close, personal friend of yours would know. In these digital times, these nefarious emails are quite sophisticated and harder to spot. Even technology experts can fall victim to spear phishing where the hacker gets information from their profile on the uOttawa website, LinkedIn, or a compromised friend's or colleague's email with whom you have been in contact before on. To avoid being targeted by these attacks, use an alternative communication channel if anything appears suspicious in an email you receive. Only click on links if you fully trust them.   

Report it:  

If you are suspicious of an email, clicking the "Report" button on your Microsoft Outlook account can prevent a cyber-crime. This function moves the potentially malicious email to your Trash folder. Additionally, this sends its metadata to experts who can evaluate and maintain security measures to stop the threat across the University. It is always good practice to keep personal information to yourself if you suspect something is wrong.