IT test email used to raise awareness about phishing scams

WVU Medicine Information Technology (IT) recently conducted a mock phishing test using an email to measure employees’ awareness of email phishing threats and to provide IT security training.

Phishing attacks occur in home and work email accounts. Please read this information to protect yourself. You can protect your family, friends and work associates by sharing this information with them.

The definition of phishing is a request of confidential information over the Internet or via email under false pretenses in order to fraudulently obtain credit card numbers, passwords or other personal data. It’s a simple but effective way for cyber criminals to circumvent an IT department’s technical security controls.

When opened, a phishing email infects computers with malware. There are many types of phishing attacks. Ransomware is one type of malware that is used in a phishing email to attack computer workstations.

Ransomware software is a computer infection that cyber criminals use to capture information and hold it hostage for a ransom. WVU Medicine employees can help protect the network by diligently reviewing the source of emails they receive. WVU Medicine IT asks employees to take time to insure that they know the source of the email before clicking on any links contained in the email.

Phishing attacks, such as the one that occurred at Hollywood Presbyterian Hospital recently, can disrupt patient care if workstations are infected.

This graphic provides an explanation of the mock phishing email that was sent by WVU Medicine IT Feb. 25. The captions provide clues to assist employees in identifying phishing emails. Remember that WVU Medicine IT and the Help Desk will never ask for a password or need to know a  password to activate an account or troubleshoot any other issues.