According to IBM’s 2014 Cyber Security Intelligence Index, human error is a factor in 95% of security incidents. Following are a few ways to identify various types of social engineering attacks.

  • What do they want? They want to lure you into exposing sensitive information like your username and password, bank account or credit card numbers, birthdate and phone numbers.
  • Think it isn’t happening at WCU?   WCUid accounts get phished on a regular basis. Because of training and other awareness most of them are unsuccessful. However, in the last 3 years we have had 3 phishing campaigns that were successful in getting multiple faculty and staff to respond and give up their credentials. In those 3 instances, 153 Help Desk tickets were created for people that reported themselves as victims.

What should I do?

  • Know the signs. Does the e-mail contain a vague salutation, spelling or grammatical errors, an urgent request, and/or an offer that seems impossibly good? Click that delete button.
  • Verify the sender. Check the sender’s e-mail address to make sure it’s legitimate.
  • Don’t be duped by aesthetics like logos or links to real websites.
  • Never, ever share your password. Did we say never? Yup, we mean never.
  • Avoid opening links and attachments from unknown senders.
  • Don’t open any attachments unless you’re expecting a file from someone. Give them a call if you’re suspicious.
  • When you’re not sure, call to verify. If the message is urging you to take action —exercise caution. Don’t hesitate to contact the company or sender directly to verify.
  • Don’t talk to strangers! Phishing also happens via phone and text messaging.
  • Don’t be tempted by abandoned flash drives. Be wary — it could be a trap to infect your computer with malware.

What to do if you get phished through your WCU Email account:

  • If you still have the email in your Inbox, Right-click on it, then select Junk, Block Sender.  This will help prevent these emails from coming to your Inbox in the future.
  • Forward the email to for any further action needed for the campus community.

Watch the Video: Don’t get Hooked