It’s been more than a year since Nebraska Medicine and UNMC debuted a new tool to make it easy to report a suspicious email. It’s called PhishAlarm, and you can spot the icon on your toolbar that allows you to report emails with a simple click of your mouse.
“The response to this new tool has been great,” said Lisa Bazis, chief information security officer. “We’ve received a lot of positive feedback as it is so simple to use.”
Since launching the tool in September 2017, more than 10,000 emails have been reported.
“When we receive these reports, the Information Security team receives all the information needed to determine if the email is a real phishing attack,” Bazis said. “We receive dozens of reports each day, and it has helped us quickly identify every major phishing incident since the release.”
If the email is determined to be a threat, the Information Security team immediately acts upon the issue to mitigate the risk.
“If you are not sure if an email is suspicious or legitimate, we simply ask you to report it and we will verify,” Bazis said.
When it launched, the PhishAlarm only was available for Outlook for Windows and Outlook web applications. It’s now available on Macs and Outlook Mobile Application.
A reminder of what to watch for:
- Don’t trust the display name. A favorite phishing tactic among cybercriminals is to fake the display name of an email.
- Check the links. Hover your mouse over any links in the body of the email. If the link address has numbers or special characters, don’t click on it.
- Check for spelling mistakes. Companies are pretty serious about email. Legitimate messages from companies usually do not have major spelling mistakes or poor grammar.
- Beware of urgent or threatening language in the subject line. Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”
- Don’t click on attachments. Including attachments that contain viruses and malicious software (malware) is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.
For any further information or questions, you can create a request on the Information Security portal.
Learn more about how to report suspicious emails using PhishAlarm.