Body
Congratulations, You Have Spotted a Phishing Attack!
Good job, you are doing your part to protect yourself and Grand Valley. By not entering your credentials, you have prevented potential harm to your identity and to the organization itself.
The GVSU Phishing Assessment Program is a part of the annual cybersecurity training helping GVSU gauge the awareness around identifying phishing emails. Our goal is to meet or exceed the industry standard click through rate which is 10% or less. GVSU has purchased KnowB4 to offer further training to faculty and staff. We will have a campus wide announcement on how to access and use this training in the near future.
The most recent GVSU phishing email is shown below with the areas highlighted that are clues to help you understand what to look for in identifying phishing emails.
If you are unsure about the validity of any email, forward the email to the IT Security at phishing@gvsu.edu for evaluation.
GVSU Phishing Email Sample
Clue 1
The subject of the email does not describe a typical meeting invite.
Clue 2
The from address is not from GVSU or other expected sender. Note the address is from NFLShop.com@tecidal.com.
Clue 3
The message does not contain the usual Zoom meeting invite options.
Clue 4
When you hover over the "Review invitation" button, you see a non Zoom web address (https://www.attemplate.com).