To defend ourselves against cybercrime, we cannot rely on technology alone. Cybercriminals constantly try different attack strategies, attempting to confuse, surprise, and manipulate their targets. Phishing emails are the most common attack strategy, and these messages are subject to the limitless creativity of their criminal authors. As a result, even state-of-the-art technology cannot perfectly detect and prevent all attacks. Fortunately, your powers of detection are even more sophisticated than the most advanced artificial intelligence. Because you can learn, adapt, and respond to even the most subtle threats, you are our best defense against evolving cyber threats.
Our office relies on your reports to prevent phishing attacks across campus. When you report a suspicious message, we will investigate it and remove other instances of the message from our system. Please don’t assume that someone else has reported it or that software has already detected it. If the same suspicious message is reported hundreds of times, we will be happy to know that our human firewall is strong. Nothing beats an active and aware user community in the cybersecurity arms race.
Reporting is now easier than ever. We recently introduced the Phish Alert Button (PAB) in Office 365. The button looks like an open letter with an orange fishhook on it. When you receive a suspicious message, simply click the PAB to report it to our office. For more information about the PAB, visit our website: https://informationsecurity.wustl.edu/phish-alert-button-how-to-report-phishing-on-campus/.
Need a refresher on how to detect phishing? Review our recent article, “Phishing 101,” on the Office of Information Security website: https://informationsecurity.wustl.edu/phishing-101/.