Skip to main content

July Cybersecurity Awareness Tip: Report, don’t respond to unexpected urgent emails

Topic:
  • Announcements

Bee Cyber Fit in July Hero: Man looking at computer with hands on head

 

As technology changes, so do the ways cybercriminals stage their attacks. Be aware of the new ways cybercriminals use social engineering to trick you into providing access to your account.

Yale is seeing an uptick in attempted social engineering phishing attacks. These attacks consist of emails urging you to take quick action, including, but not limited to:

  • An urgent email appearing to come from Yale IT and threatening to cut off your email access if you don’t respond or log in via a link
  • A job offer via email that requests personal information to move forward

They aim to create urgency and fear to pressure you to act quickly, without thinking.

We are all overwhelmed with email. It can happen to any of us. To avoid falling victim, use these tips to steer clear of their threats.

  • Report, don’t respond: Don’t respond to unexpected, urgent emails. A threatening email may compel you to act quickly out of fear. Instead, reach out for help. Report the suspected phishing e-mail using Outlook's ‘report a phish’ option. Learn more about how to report phish in Outlook and EliApps.
  • Don’t enter your NetID and password via unexpected links or web pages. Remember, Yale will never ask for your username and password. Trust your gut, and don’t supply the requested details. Instead, report any email asking for this information.
  • Don’t approve unknown DUO MFA prompts. If you receive an MFA prompt that you did not initiate, do not approve it. Hit the red “deny” button. When the application screen asks if this is a suspicious login, select “Yes” to alert the security team to investigate further.

Remember our Bee SAFE, Not Sorry campaign about reporting suspicious behavior? Phishing attacks are something you want to report right away. It is better to be safe and report a legitimate email rather than respond and fall victim to a social engineering attack.

 

Bee Cyber Fit bees

Ready to learn more?

Keeping your and Yale’s data safe is critical. Visit the many resources we have on reporting incidents and social engineering. This includes our: