Skip to main content

Oops! You fell for a phish!

This is a simulated phishing exercise by your department.

If this had been an actual attack, clicking the link would have sent you to a dangerous site and exposed your system to ransomware, malware, or another cybersecurity threat.

When you receive an unsolicited email with embedded web links, keep the following tips in mind:

  • Be immediately suspicious if the message tries to scare you, offers an incredible deal, or prompts you to reset a password or update account information.
  • Check each link by hovering over it to see its true source. If the URL is unfamiliar or differs from what you expected to see, don’t click.
  • Verify claims and offers via a trusted website or known phone number.
  • Contact your IT support staff for advice if you’re unsure. Your IT support staff can verify whether the "From" email address is legitimate.
  • Report suspicious emails to your IT support staff at engineering@xpn.org
You can also direct your questions to Penn Office of Information Security at security@isc.upenn.edu or (215) 898-2172.
 
Image
Phishing clues in the email message