Skip to Main Content Skip to Main Navigation Skip to Footer
UNG Logo
  • Info For...
    • Accepted Students
    • Current Students
    • Parents & Family
    • Faculty & Staff
    • Alumni
    • Business & Community
    • International Students
  • Quicklinks
    • Directories
    • myUNG
    • Academic Catalogs
    • Athletics
    • Banner
    • Bookstore
    • Calendars
    • Campuses & Maps
    • Continuing Education
    • D2L
    • Employment / HR
    • IT Service Desk
    • Libraries
    • UNG Foundation
  • Admissions
  • Corps of Cadets
  • Academics
  • Cost & Aid
  • Student Life
  • News & Events
  • Athletics
  • About Us

Find the most up-to-date information on the Presidential Search site.
Information Technology
  • Get Started - IT Resources
    IT Success Guide Student Employee Guide Password Management
    Faculty/Staff Remote Work Toolbox Student Remote Work Toolbox
    Connectivity Resources Software Portal
  • Services
  • Security
    Information Security
    Phishing Awareness
    Bulletin
  • FAQ
  • Contact
    1. UNG
    2. About Us
    3. Information Technology
    4. Information Security

    Phishing Awareness

    What is Phishing?

    Phishing is a form of fraud in which a malicious attacker attempts to harvest sensitive information from a victim by impersonating a legitimate person, department or organization. Attackers will attempt to gain private data such as account credentials, bank account numbers, personally identifiable information (such as Social Security numbers), or any other information that could prove to be valuable to the attacker.

    Phishing campaigns often have different goals, such as:

    • Gathering University account credentials in order to be able to harvest sensitive student data.
    • Gain control of a computer in order to access data stored locally and on the network.
    • Trick a victim into downloading a malicious email attachment to infect computers, often with Ransomware.
    • Receive enough personally identifiable information to be able to steal an identity.
    • Obtain payment card information.

    Security Resources

    (login required)
    • USG IT Handbook
    • IT Policies

    Recognizing Phishing Campaigns

    You can typically identify phishing campaigns simply by analyzing the content of the email:

    • If an email came unprompted and is requesting sensitive data, it is likely a phishing scam. A legitimate organization will never ask for any personal information, including passwords, via email.
    • If an email is creating a sense of urgency or is trying to invoke fear for you to take action, such as changing your password now, it is likely a phishing scam.
    • If an email contains hyperlinks that do not match the web addresses for the organization that it came from, it is likely a phishing scam.

    Using just a few best practices, you can be sure to not fall victim to a phishing campaign:

    • Always review the sender of an email. For example, if you received an email claiming to be the UNG Information Technology department, but the sender is from a Google Mail account, this would be phishing scam.
    • Always hover your mouse cursor over hyperlinks in email messages prior to clicking them. By hovering your mouse over a link, the real web address will be displayed which can be used to confirm if the link is legitimate or not. For example, if there is a hyperlink claiming to be an email logon for UNG, but upon hovering over it displays an unknown website address, this would be a phishing scam.
    • Prior to logging in on a website, confirm that the address in the address bar is correct, and ensure that the connection is secure. If you are attempting to log in to a UNG service, but the website address does not match UNG, this is not a legitimate service. To confirm that your connection is secure, look for a green lock near the address bar, and confirm that the website address begins with https:// and not http:// .
    • If a phishing email is received, contact the Information Security department using the methods listed below.

    Reporting Phishing Attempts

    If you suspect that an email you received is a phishing campaign, you may forward it to the Information Security department at spam@ung.edu for analysis and advice for any further action on your part. In order to ensure that the Information Security department receives the full details from the email message, please forward the email as an attachment by using the following procedures:

    • Outlook Desktop Client
    • Outlook Web App (Office 365)
    • Apple Mail

    Outlook Desktop Client

    Windows

    1. Select the phishing email in Outlook.
    2. On your keyboard, press CTRL+ALT+F . This will create a new email message with the phishing email automatically attached.
    3. Add any pertinent details to the body of your new email message.
    4. Send this email to spam@ung.edu .

    Macintosh

    1. Right click the phishing email in Outlook, navigate to “Forward Special” and select “As Attachment.”
    2. Add any pertinent details to the body of your new email message.
    3. Send this email to spam@ung.edu .

    Outlook Web App (Office 365)

    Outlook Web App (Office 365)

    1. Compose a new email message and click the “Edit in a separate window” button in the top right corner.
    2. On your primary browser window, click and drag the phishing email into the body of the newly composed email message. This will add the phishing email as an attachment to your new message.
    3. Add any pertinent details to the body of your new email message.
    4. Send this email to spam@ung.edu .

    Apple Mail

    Apple Mail

    1. Right click the phishing email in Apple Mail and select the “Forward as Attachment” option.
    2. Add any pertinent details to the body of your new email message.
    3. Send this email to spam@ung.edu .

    Received Phishing Emails

    Below are a number of real phishing emails that have been received by UNG. Please note that names, hyperlinks and email addresses have been redacted.
    • View Phishing Emails

      From: Unknown .edu Email Account (Redacted)
      Sent: Monday, August 24, 2015 4:17 AM
      To: Name Redacted
      Subject: Alert

      There has been an automatic security update on your email. Click Here to complete update Please note that you have within 24 hours to complete this update because you might lose access to your Email Box.

      Thanks
      IT Helpdesk

      From: ADP Address (Spoofed)
      Sent: Friday, October 16, 2015 9:57 AM
      To: 13 UNG Accounts (Redacted)
      Subject: ADP Invoice
      Attached: Infected PDF File

      Your most recent ADP invoice is attached for your review.

      If you have any questions regarding this invoice, please contact your ADP service team at the number provided on the invoice for assistance.

      Please note that your bank account will be debited within one banking business day for the amount(s) shown on the invoice.

      Thank you for choosing ADP for your business solutions.

      Important: Please do not respond to this message. It comes from an unattended mailbox.

      From: Help Desk (Spoofed)
      Sent: Tuesday, October 6, 2015 6:31 AM
      To: Name Redacted
      Subject: Last Warning!!!Upgrade To Secure Your Account

      Your mailbox is almost full and out dated.

      Used: 1.93GB
      Available: 2.01GB

      This is to inform you that our webmail Admin Server is currently congested, and your Mailbox is out of date. We are currently deleting all inactive accounts so please confirm that your e-mail account is still active by updating your current and correct details by CLICKING HERE

      Regards,

      Thanks,

      Admin Department

      ©2014-2015 Help Desk, All rights reserved.

      From: System Admin (Spoofed)
      Sent: Monday, October 26, 2015 10:50 AM
      To: Name Redacted
      Subject: 5 new Message

      You have 5 new Message pending due to mailbox space

      Click here to read

      Sincerely

      System Admin

      From: Unknown .edu Email Account (Redacted)
      Sent: Thursday, June 23, 2016 7:34 PM
      To: Name Redacted
      Subject: IT DESk

      Access to your mailbox account is about to expire, we recommend that you upgrade to avoid account suspension.
      Please CLICK HERE for quick upgrade.

      From: IT Service Desk (Spoofed)
      Sent: Thursday, August 3, 2017 10:24 AM
      To: UNG Employee (Redacted)
      Subject: !!! TREAT VERY URGENT !!! 

      Dear Email Account User,

      Your e-mail account was LOGIN today by Unknown IP address, click on the Administrator link below to validate your e-mail account or your account will be temporary block for sending more messages

      CLICK HERE        

      You may find this message in your Junk folder due to the unusual activities, kindly move to your inbox and click on the above link. 

      Privacy Policy | ©2017 Office of Information Technology. All rights reserved Management Team

      From: ADP Payroll Team (Spoofed)
      Sent: Saturday, June 3, 2017 10:16 AM
      To: 200+ UNG Accounts (Redacted)
      Subject: Important Notice for ADP Users

      Dear Member,

      You have one unread message.

      1 Unread Message  

      Thank You,

      ADP Payroll Team

      From: Redacted
      Sent: Monday, May 8, 2017 4:55 AM
      To: UNG Employee (Redacted)
      Subject: General Notice, 

      General Notice, 

      This is to inform you that there is a change and update in our mail server; all User are required to update their information to avoid termination or suspension of account. 

      To update you information  CLICK HERE. OR copy this link pest it on your browser bar <URL REDACTED>

      Kindly click above instruction to update your information, we will process your request once we receive your information.

      Thanks

      Admin.

      Legal Disclaimer 

      From: ADP Portal (Spoofed)
      Date: Wednesday, February 8, 2017 1:05 PM
      To: 11 UNG Accounts (Redacted)
      Subject: Important Changes To Your Pay Stub. 


      Attention!

      Important changes have been made to the "Pay" section of your account.

      To view these changes, login with your "user@domain" User ID and Password at: My ADP Portal

      Need help or have questions about your account? Contact the HR/Payroll Department for assistance.



      This email has been sent from an automated system. DO NOT REPLY TO THIS EMAIL.

       

    Contact UNG IT

    For IT assistance, email helpdesk@ung.edu or call 706-864-1922

     

    UNG Logo
    • Contact Us
    • Request Information
    • Quick Facts
    • Campus Maps & Directions
    • Student Consumer Information
    • Campus Safety
    • Emergency Information
    • Employment/HR
    • UNG Policies & Procedures
    • UNG Alumni Association
    • UNG Foundation
    • Ethics & Compliance Hotline
    • Human Trafficking Notice
    • Equal Empl. Opportunity

    © 2023 The University System of Georgia and the University of North Georgia.

    UNG follows the section 508 Standards and WCAG 2.0 for web accessibility. If you require this content in another format, please send an email to the ADA Coordinator.

    Use of military-themed imagery does not constitute endorsement by the U.S. Department of Defense.

    • Accreditation
    • Accessibility
    • Privacy Policy
    Establishing Connection...
    AskNigel