May Security Tip: Fight the Phish Against Social Engineering & Deepfakes
As part of our Fight the Phish campaign, we want to highlight a growing threat: social engineering and deepfakes. Attackers no longer rely solely on basic emails; they now use sophisticated social engineering to manipulate emotions and gain trust.
Deepfakes are a rising concern. They are AI-generated audio or video that impersonate campus leaders or colleagues. These "vishing" (voice phishing) attacks create a false urgency to trick individuals into revealing sensitive information or making unauthorized payments.
How can you fight back?
-
Limit the personal data you share online to reduce your visibility as a target. Attackers use public information from social media to tailor their lures. This Time, It’s Personal
-
If a message or call creates fear or urgency, stop and verify the request through a separate, trusted channel like a known phone number. Be skeptical of any unexpected request for money, gift cards, or credentials, even if it appears to come from a dean or a supervisor. Keep Your Guard Up.
-
Let’s Get Ready to Report Phish! Reporting is our best defense. If you receive a suspicious message in bMail:
-
Open the message.
-
Select "More" (three vertical dots) next to the "Reply" arrow.
-
Select "Report phishing".
For more tips and real-world examples, visit our Fight the Phish page and our Phish Tank
Stay Safe,
ISO