Phishing Email

One of the most important issues related to IT security is the phishing email. We all get phishing emails from time to time and it is extremely important to pay attention to any email you receive so that you don’t click links that may redirect you to unwanted sites. Phishing emails are sent to users in hopes of the hacker obtaining personal information like passwords, credit cards, social security numbers, etc. Phishing emails often look legitimate and can look as if they come from someone within the organization.

When you receive any email, ask yourself these questions:
  • Is this email from someone I know?
  • If so, was I expecting the email and/or does the content make sense coming from that person?
  • If the sender appears to be a UT employee, does the sender’s directory information make sense that they would be asking these things? (e.g., a UTHSC employee using a UTM logo)
  • Are there a lot of grammatical or spelling errors in the email?
  • If I hover over the link address, does the address appear to match what I am expecting?
Remember these important tips:
  • No one at UT will ever ask for your password in an email.
  • No one at any bank, credit card company, etc., will ever ask for your password in an email.
  • Never share personal information with anyone via email, text, phone, etc. You should look up the official phone number of the purported sender and call them.
  • If you think the email is a phishing attempt, forward the message to abuse@utk.edu. Remember that you must send the email headers for a report to be made. 


How to send email headers

In Outlook, to forward a suspected email message you have received you must first display the full headers, and then insert them into the body of an email message.
  • Open the email message for which you want to view the headers. In Outlook 2016, 2013, or Outlook Web Access (OWA), double-click the message so that it opens in its own window.
  • In Outlook 2016 or 2013, select the File tab. Click the Properties button. To the right of Internet headers, the header information will be listed. Click the Close button.
    In OWA, click the Message Details button (the icon is an envelope with a small document over it).
  • The message headers are at the bottom of the window, in a box labeled Headers: or Internet headers:
  • Select all the headers by clicking and dragging the cursor from the top left corner to the bottom right corner of the header text.
  • Press Ctrl-c to copy the headers to the Clipboard.
  • Choose to forward the email, click in its main text window, and press Ctrl-v to paste the headers, sending the entire message and headers to abuse@utk.edu.
 
Remember to take a few seconds to think about the email message before you click on any links. We must do everything we can to protect the Institute’s data as if it were our own.