Phishing GUIDELINES

Here are some red flags that may indicate an email is trying to phish you:

• Tone of email is urgent (e.g., You have to contact us or you will have to pay large fines) - weak indicator

• Email promises an unrealistic reward or unrealistic bad consequence - weak indicator

• Sender claims to be from a reputable company but the email domain does not match (e.g., sender claims to be from microsoft.com but email address is like johnsmith@mymicrosoft.com  - strong indicator

• Email invites you to click on a link - weak indicator

• The link you should click shows text that denotes a reputable source (e.g., Verizon), but when you hover over it the URL is pointing to another place - strong indicator

• Email is unexpected - this sender has never emailed you before - weak indicator

• The sender's tone is suspicious - the sender is familiar to you but the tone/topic of email differs significantly from the sender's normal tone/topic when they communicate with you - strong indicator

• Email is extremely short - weak indicator

"Weak indicator" means that some benign emails may also exhibit this feature. "Strong indicator" means that almost no benign emails exhibit this feature.

In your browser, visit the URL you have received from your teacher and click on each email.

Assume you are a faculty member at Computer Science Department at University of North Star. Your name is Sam James. Your department chair's name is Daniel Thompson and your university president's name is Claire Quinton. Examine each email against the criteria you were told may be present in phishing emails and write down the IDs (numbers that appear in the name of the file containing the email) of emails that you believe represent phishing. 

When everyone is done share your findings with the class. Which phishing emails were easy to identify? Which phishing emails were missed by many students? Were there any legitimate emails that were misidentified as phishing?