Russia-Ukraine war heightens cybersecurity awareness

Person reading email on a laptopThe Russia-Ukraine war has put us all on a global heightened cybersecurity awareness campaign. This is due to potential direct cyberattacks or indirect cyberattacks that may leak or spill out of the theater of operations.  

We are asking all in our UNCSA domain to report any unusual emails, attachments, files, or unusual solicitations to address this issue. When receiving an email use the following methods to help detect a phishing attempt.

Phishing Methods

Emails demanding urgent action

Emails threatening a negative consequence or a loss of opportunity unless urgent action is taken are often phishing emails. Attackers often use this approach to rush recipients into action before they have had the opportunity to study the email for potential flaws or inconsistencies.

Emails with bad grammar and spelling mistakes

Another way to spot phishing is through bad grammar and spelling mistakes. Many companies apply spell-checking tools to outgoing emails by default to ensure their emails are grammatically correct. Those who use browser-based email clients apply autocorrect or highlight features on web browsers.

Emails with an unfamiliar greeting or salutation

Emails exchanged between work colleagues usually have an informal salutation. Those that start “Dear” or contain phrases not typically used in casual conversation are from sources unfamiliar with the style of office interaction used in your business and should arouse suspicion.

Inconsistencies in email addresses, links and domain names

Another way how to spot phishing is by finding inconsistencies in email addresses, links, and domain names. Does the email originate from an organization corresponded with often? If so, check the sender’s address against previous emails from the same organization. Look to see if a link is legitimate by hovering the mouse pointer over the link to see what pops up. If an email allegedly originates from (say) Google, but the domain name reads something else, report the email as a phish.

Suspicious attachments

Most work-related file sharing now takes place via collaboration tools such as SharePoint, OneDrive, or Dropbox. Therefore internal emails with attachments should always be treated suspiciously – especially if they have an unfamiliar extension or one commonly associated with malware such as .zip, .exe, .scr, and others.

Emails requesting login credentials, payment information, or sensitive data

Emails originating from an unexpected or unfamiliar sender that request login credentials, payment information or other sensitive data should always be treated with caution. Spear phishers, defined as a cybercriminal that poses as a trusted source, can forge login pages to look similar to the real thing and send an email containing a link that directs the recipient to the fake page. Whenever a recipient is redirected to a login page or told a payment is due, they should refrain from inputting information unless they are 100% certain the email is legitimate.

Too good to be true emails

Too good to be true emails incentivize the recipient to click on a link or open an attachment by claiming there will be a reward of some nature. If the email sender is unfamiliar or the recipient did not initiate the contact, the likelihood is this is a phishing email.

How to report a suspicious email

Finally, please report any issues to our IT department if you are unsure.

  • In Outlook, report the message as phishing. Select the Report Spam/Phish link in the email, or select the Report Spam/Phish UNCSA button on the top ribbon.
  • If you use the Outlook Web app, right-click the message then go to Security Options > Report phishing to mark and report the email as a phishing attempt.
  • Delete the original email.

It is better to use caution and remain diligent. Thank you all for your attention to this matter.  

Contact: Greg Gleghorn

March 10, 2022

Submit an announcement