One fish, two fish, red fish, BAD PHISH

It can be difficult to tell the difference between a legitimate email and a malicious one. We have tools and trainings to help you: Phish Alarm and ITS Phishing Awareness Training.

one fish two fish image

It’s all fun and games until you give a hacker your password

Have you used Phish Alarm yet?

In the two years since we launched Phish Alarm, you all have used it to report over 35,000 emails. That’s great! The not-so-good news is that only about 25% of users have actually used the tool. 

If you suspect phishing in your inbox, try using the Phish Alarm feature in Outlook.  

When you use Phish Alarm, it sends your suspicious email directly to our Security team, who analyzes each submission for potential threats. If there is a malicious link or attachment, you’ll be notified and the offending email will be quarantined. You’ll also receive a notification if the email is safe. 

Check out our Phish Alarm video to learn more:

phish alarm

More info on phishing at WCM is available at phish.weill.cornell.edu

Did you take the ITS Phishing Awareness Training?

Remember that all WCM workforce members are required to complete ITS Phishing Awareness Training. Here are more details on how to access the training.

I think I fell for a bad phish. What do I do? 

If you think your WCM account has been compromised, contact ITS immediately at (212) 746-4878 and change your password. Our Security team will walk you through what you need to do. 

Protect your personal email, too! 

The same rules for identifying spam email apply to personal accounts as well. However, it helps to ensure that all of your software is up-to-date so your apps and operating system are running the latest security settings. You should also set up multi-factor authentication for any of your important accounts (e.g., banking apps) that allow it, and always back up your data. If you ever think you’ve accidentally provided confidential data to a phishing scammer, visit identitytheft.gov and follow the steps to begin securing your information. 

What do I do if I suspect phishing in my personal email account? 

Good question! Aside from using the spam button in your personal email account, you can also report potential email scams to local and federal government agencies. If you suspect your identity may have been stolen, report it immediately at www.identitytheft.gov.   

Did you take the pop quiz? 

Try our 10-question pop quiz on cybersecurity before Oct. 21, and we’ll contact winners on Oct. 28.

 

October is National Cyber Security Awareness Month, an annual collaborative effort between government and industry to ensure we have the resources you need to maintain your security online. Throughout October, we’ll be sending you tips on protecting your information and avoiding malicious attempts to extract your personal data. Check out all the tips here.

Need Help?

myHelpdesk
(212) 746-4878
Monday-Sunday
Open: 24/7 (Excluding holidays)
SMARTDesk
WCM Library Commons
1300 York Ave
New York, NY
10065
M-F
9AM - 5PM
Make an appointment

575 Lexington Ave
3rd Floor
New York, NY
10022
Temporarily Closed