How did I get here?!
Hello! If you are seeing this, you either clicked on an attachment or a link in an email claiming to contain a voicemail message for you. That email was part of an exercise conducted by SAS Computing and Penn’s Office of Information Security (OIS).
We want to help you recognize phishing emails and think twice before opening suspect attachments that could contain malware or redirect you to a fake login page designed to steal your password.
Penn has been increasingly targeted by phishing campaigns intended to lure you into entering your login credentials to access some kind of “important” document. These can take a variety of forms, such as:
- Urgent, but vague, health warnings or virus exposure alerts
- Notifications about annual raises or changes to payroll deadlines
- Unexpected, but seemingly innocuous, attachments (forms, reminders, invoices, etc.)
- Official correspondence from school leadership (e.g. department chairs or the university president)
Often, the source of these messages is further obscured by the copying (or “spoofing”) of your own address as both sender and recipient. This should be a major red flag; if you didn’t send the email to yourself, assume it is fraudulent. Any legitimate message should display the actual sender in the From: field.
The link or attachment provided on a phishing message may lead you to a very passable copy of Penn’s PennKey login page. The only telltale sign could be that the website address does not start with https://weblogin.pennkey.upenn.edu (although it may end with it). For more information on how to spot fake login pages, see:
https://computing.sas.upenn.edu/infosec/protectyourpennkey
Never enter your login credentials on an unknown website (hover over the link to check the URL). If you have any concerns about whether a message is genuine, check with the sender or ask your LSP before clicking on any links. Your LSP is always happy to help answer any questions you may have about suspicious emails or links!
For more tips on protecting your data and accounts, see: