Oops! You fell for a phish!
This is a simulated phishing exercise by your department.
If this had been an actual attack, clicking the link would have sent you to a dangerous site and exposed your system to ransomware, malware, or another cybersecurity threat.
When you receive an unsolicited email with embedded web links, keep the following tips in mind:
- Be immediately suspicious if the message tries to scare you, offers an incredible deal, or prompts you to reset a password or update account information.
- Check each link by hovering over it to see its true source. If the URL is unfamiliar or differs from what you expected to see, don’t click.
- Verify claims and offers via a trusted website or known phone number.
- Contact your IT support staff for advice if you’re unsure. Your IT support staff can verify whether the "From" email address is legitimate.
- Report suspicious emails to your IT support staff at engineering@xpn.org.
You can also direct your questions to Penn Office of Information Security at security@isc.upenn.edu or (215) 898-2172.
