
Phishing Landing Page

You Could Have Been Phished

The email you just acted on was a test.

It was NOT a real malicious email message, aka a “phishing” message. Instead, it was authored and distributed by UW Medicine’s Information Security team as part of our Security Education, Training, & Awareness initiatives.

If it had been a real phishing message, cyber-criminals might have used this opportunity to deliver malware or steal your personal information.  The information on this page is designed to help you better protect yourself and UW Medicine in the future.

How to Avoid Phishing Messages in the Future

Stop

If the message includes a link to a website, do not click on the link unless it is trusted.  If a file is attached to the message, do not open the file unless you were expecting it and it is trusted.

Think

Be skeptical. A message is most likely a phishing attempt if it asks you to disclose your password or other personal information or asks you to verify, unblock, or reactivate your UW NetID or email account. Hover before you click.  Hovering over the link with your cursor before clicking is a good way to verify where the link will direct you because the true destination of the link appears in the lower left border of most browsers.

Act

If you suspect that an email message is a phishing attempt, you can report it by emailing it as an attachment to help@uw.edu, or simply delete it. If you accidentally click on a link or open a file in a suspected phishing email, report it to the Information Security team by contacting the UW Medicine Service Desk.


What is Phishing?

Phishing (pronounced “fishing”) is a method cybercriminals use to lure victims into disclosing sensitive personal information (like account numbers and passwords) or distributing malware (malicious software) using legitimate-looking email messages.

Phishing attacks are one of the most successful methods cybercriminals use to perpetrate fraud and infiltrate information systems. The University of Washington and UW Medicine are frequent targets of phishing campaigns, which means every student and employee can help protect the organization. The information obtained in a successful phishing attack may be:

  • Used to send spam via email or social media accounts
  • Used to gain access to confidential UW data or other electronic assets
  • Sold to criminals who then infect computers with malware or further misuse this information

Recognizing a Phishing Email

Since phishing tactics are constantly evolving, phishing emails can be difficult to recognize.  You can still learn to protect yourself and UW Medicine by:

  • Developing healthy skepticism – assume a message (and the links/attachments it contains) is a fake unless you trust or can confirm its authenticity.
  • Being suspicious of any email message that:
    • Has an urgent-sounding tone (“Your account will be suspended unless you immediately…”)
    • Asks you to disclose your password or other account information.
    • Asks you to visit a website or open an attachment to “fix the problem”
    • Contains harassing or threatening language with instructions to provide payment via a link

How this Phishing Email Could Have Been Spotted

The phishing email that you received was based on a real phishing email that was used against UW Medicine with a lot of success, so it is important to learn how to identify it so that you can spot future phishing messages. Many recent phishing emails use links disguised as attachments to get you to click on them. The easiest way to combat this is to verify the context of the email: if you are confused about why you are receiving an email, don’t click anything until you have looked through your inbox and worked out whether it makes sense to receive this email from the person who sent it. In this example, you have probably never received an email from a Dave Johnson (he is not a real person who works at UW), and you are probably not dealing with any kind of “ACH Transfer”.

The next thing that you can do is hover your mouse over any link or attachment before you click on it and you will be able to see where it goes.

How this is displayed depends on how you are viewing your email. For example, in the Windows Mail client or the Outlook client, the link is shown like this when you hover over it with the mouse:

 

If you are using Google Chrome or Microsoft Edge it will come up in the bottom left corner and look something like this:

 

If you want to see this in your browser, use the example fake attachment below. It links to https://depts.washington.edu/uwmedsec/, and hovering over it should show this link somewhere on the screen.
attachment

Another thing to keep in mind when looking through emails is that phishing emails usually, although not exclusively, rely on authority, emotion, urgency, and scarcity to get you to click.

This email also featured a number of spelling errors, which is also something to look for because real phishing emails often contain many spelling errors.

 

As boxed and underlined in the image, there are multiple spelling and grammar errors in the email, which are easy to overlook at first glance.

Login Page

For the login page, the first thing to remember is that opening an attachment in an email will never lead you to a webpage (it may open your browser, but you should never have to log in). Fake login pages can often be very hard to spot, but there are a few ways to tell if the page is not real.

First, check the link. If it is not what it says it is, do not log in.

 

As you can see, the URL of this webpage is 140.142.56.72, whereas the real Microsoft login URL is login.live.com.

Sometimes hackers will be sneaky and use a link that looks similar to, or looks correct for, the login page. If you are ever unsure, just Google “[Company name] login” and see if the links match up and if the login pages look the same.
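
The hover check and the IP-address check described above can also be run automatically over a reported message. The following is an added example, not part of the original page or of UW Medicine's tooling; the sample links, the file name ACH_Transfer.pdf, the extension list and the finding names are constructed for illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample; only the IP and the depts.washington.edu URL are from the page.
SAMPLE_EMAIL = """
<a href="http://140.142.56.72/login">ACH_Transfer.pdf</a>
<a href="http://140.142.56.72/">login.live.com</a>
<a href="https://depts.washington.edu/uwmedsec/">https://depts.washington.edu/uwmedsec/</a>
"""
FILE_EXT = re.compile(r"\.(pdf|docx?|xlsx?|zip|html?)$", re.I)  # assumed list
# Link text that itself starts with a URL or host name.
HOST_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a href=...> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href, text):
    """Return what hovering over the link would have revealed."""
    findings, url = [], urlsplit(href)
    host = (url.hostname or "").lower()
    try:
        ipaddress.ip_address(host)
        findings.append("raw-ip")              # e.g. 140.142.56.72
    except ValueError:
        pass
    if FILE_EXT.search(text) and url.scheme in ("http", "https"):
        findings.append("fake-attachment")     # file name that opens a web page
    elif (shown := HOST_TEXT.match(text)) and shown.group(1).lower() != host:
        findings.append("text-host-mismatch")  # text names a different host
    return findings

def scan_email(html):
    parser = LinkCollector()
    parser.feed(html)
    return [(h, t, check_link(h, t)) for h, t in parser.links]
```

Calling `scan_email(SAMPLE_EMAIL)` flags the first two links and leaves the third, whose text and destination agree, without findings.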

About This Webpage

UW Medicine relies on our entire community to help ensure the confidentiality, availability, and integrity of UW Medicine information systems, electronic health care systems, and data.

The best defense against phishing is education. Technical controls like email filtering, border firewalls, and anti-virus software are far more effective when combined with safe computing habits.

As an educational initiative, test phishing messages are distributed to UW Medicine staff at unspecified intervals. These messages simulate the social engineering tactics frequently observed in real phishing messages.


Questions

For more information or to request any of these services, please contact the Information Security team via the Service Desk (uwmhelp@uw.edu) or directly at uwmed-security@uw.edu.