Let’s play Spot The Problem with a recent email that landed in our in-boxes from, supposedly, Western President Amit Chakma:
From: Amit Chakma e.achakmaa@gmail.com
Sent: Friday, August 21, 2015 11:20 AM
To: peluchok@uwo.ca
Subject: Dear Faculty/Staff (IMPORTANT NOTICE)
Dear Faculty/Staff
This letter is to confirm our decision to our staffs that some of us has been terminated in duties as a result of going against the ethics and standard of the institution according to the information’s gathered over time, we advise all the affected to please bear with us, these listed staffs are relief of their duties until further clarifications. Should in case you identify your full names, department, email, appointment date/title, current position and ID number/phone number.
Please await our next mail for further required procedures. Please find the attached and download to view list.
NOTE: please if you receive any link message asking you to click don’t cause they are phishing,any message sent to you by me will be attached not link.
Thank you.
Okay, I stopped counting once I passed a dozen red flags –wild-eyed grammar and punctuation aside, is it really best to advise over email that “some of us has been terminated in duties” after they dropped the ball on “ethics and standard of the institution according to the information’s gathered over time”? That sounds like an in-person conversation to me.
And did someone really think Amit might send this ‘IMPORTANT NOTICE’ from a gmail account? Did he just finish watching Modern Family and think, ‘Hmm, I should probably send this really important message to everyone from my official Western email account. Nah, let me just hop on gmail aaannnd send.”
My question is simple: Why do some of you continue to click on phishing attempts we get on our work computers?
“Oh, I never do that.”
“What? I don’t fall for those.”
I know someone is lying. If those statements were true, and everyone deleted all the phishing attempts they receive, the rest of us wouldn’t have to read a daily email announcing someone somewhere on campus fell for this, so be careful.
If those statements were true, then why would Western’s ITS Department need to maintain a website, uwo.ca/its/accounting/official-email/phishing/, dedicated to tracking these scams? All the phishing attempts that make it through the spam filters and into our inboxes are listed there.
It’s because there are folks who click on these scams – a lot.
Click. Click. Click.
From now on, I vote the email warnings from ITS should read:
“Because the following Western employees have clicked on this latest phishing email, we are warning you not to click on it. Their names are:”
We’re all adults holding down full- and part-time jobs at an institution of higher learning, yet the second some of us see a shiny blue link telling us to ‘click here’ or life as they know it will come to a screeching halt, index fingers get click happy.
According to the Government of Canada website getcybersafe.gc.ca, 156 million phishing emails are sent globally every day; 16 million make it through filters; eight million are opened; 800,000 links are clicked; 80,000 fall for a scam every day. And given the volume of messages we receive, all of them seem to be sitting next to us.
Read the emails before you click. Why are you opening an attachment when you have no idea what you’re opening? Why no red flags when a note from your president comes littered with spelling and grammatical errors, bad formatting and broken syntax?
Just check the address. In the last week alone, phishing email sent to thousands of Western in-boxes came from wnsh218@gmail.com, wexum@email.ccbcmd.edu, ts0393@comcast.net and eva.malm@med.lu.se, to name just a few. Western’s ITS Department is not using random email accounts and domains. So, it is safe to assume these are always phishing attempts.
Look, next time you get an email like this, just don’t click on the link, open that attachment or hand over your email password. Just take a deep breath.
And if you still feel the need to open it, then perhaps someone needs “relief of their duties until further clarifications.”