Individual Lessons, Quick Reference

Phishing Emails

AccordusU

November 29, 2023

ONBOARDING: At Accordus, we use a simulated phishing test to practice safe email security. During onboarding, you should be receiving an email invitation in the next few days inviting you to complete security awareness training through a company called KnowBe4 (email will come from [email protected]). This mandatory training will sharpen your skills in identifying phishing tests.

We will also continue to send out simulated phishing tests so you can practice the skills that you will learn during your training.

Please make sure you report these emails using the Phishing Alert Button.

—————

Moving forward, use caution and stay on high alert when receiving, clicking, and responding to emails. Here are some quick identifiers to help you spot phishing emails:

1. What email address is it actually coming from?

Here is an example where the “from” name is Shae Hinson, but the email is something else. It even looks like Shae is forwarding it to approve payment.

*It is also possible to “Spoof” an email address and make it appear that it is coming from something like “[email protected]” without displaying the true from email address. Tricky!

FYI – Accordus no longer sends emails from a .org domain.

2. What is the message asking you to do?

Usually, it will ask you to submit payments (often the message is urgent), provide personal information, or gain access to a system. Here is one message we’ve seen a few times: “Can you send me the direct deposit form so I can update my banking info for payroll? Thanks! – [Insert Accordus Team Member Name]”.

3. Trust your intuition and then follow up with the real team member. If you are unsure if an email is valid, please text or call the person it appears to be coming from to confirm it is from them.

What should you do if you receive an email like this?

1. Do not click, open, or reply to anything.

2. Use Microsoft’s Report phishing tool to prevent this person from emailing anyone else on our team. A copy of the email will also be sent to our team for review.