Phishing is one of the most common and effective attacks used by hackers today. At their core, phishing attacks use emails that attempt to manipulate or influence unsuspecting victims into clicking links to malicious websites or opening malware-infected attachments. If you fall victim to a phish, you could be surrendering your personal information, access to your accounts and files, or even control of your device.

As announced in UDaily last week, the University is launching the Secure UD "Take a BITE out of phish!" campaign to help members of our community identify and take action against these attacks. You can help guard against phishing attacks by remembering BITE:

• Be aware of the threat
• Identify the warning signs
• Tell us about suspicious messages
• Erase phish from your inbox

Each month, as part of the "Take a BITE out of phish!" campaign, a randomly-selected sample of employees will be presented with a harmless test phish that mimics the real attacks being launched against the University community.

The testing is non-punitive; you will not be punished for falling for a test phish. Instead, you will see a message about the campaign and advice for identifying phishing emails in the future. However, you are strongly encouraged to treat all suspicious emails as potentially dangerous.

If you receive any suspicious emails, please forward them to reportaphish@udel.edu (whether you think it's part of the test or not).

At the end of each monthly test, the test phish will be annotated and posted to the Secure UD Threat Alerts blog. Secure UD Threat Alerts also includes real phishing attacks reported by members of the University community.

To learn more about the dangers of phishing attacks and how to keep yourself, our community, and our University safe, visit the "Take a BITE out of phish!" webpage. If you haven't done so already, you can also complete the "Social Engineering" and "Email, Phishing, and Messaging" modules of your 2017 Secure UD Training.

Take action! Report any suspected phish to reportaphish@udel.edu and learn how to "Take a BITE out of phish!"

Phase I of 2017 Secure UD Training is now available and will run until late September.

2017 Secure UD Training contains modules on a variety of cybersecurity topics. To accompany the launch of the Secure UD "Take a BITE out of phish!" campaign this month, you are encouraged to complete the "Social Engineering" and "Email, Phishing, and Messaging" modules. These modules will equip you with the knowledge and skills to identify and report phishing attacks.

Secure UD Training is a modular, online, self-paced program that provides employees with the knowledge and skills to address cybersecurity risks and protect the University community. Modules are easy to complete; they use short training videos to deliver information in manageable chunks.

Phase II of 2017 Secure UD Training will be released in the fall.

Take action! Complete your 2017 Secure UD Training.

Currently, 26,000 members of the University community are protecting their accounts with two-factor authentication (2FA). 2FA is an easy way to add an extra layer of security to your account and protect your personal information.

The Review, UD's student newspaper, published an editorial on April 4 about how 2FA benefits the University community by adding "necessary online security" and, in conjunction with UD's VPN software, improved privacy.

Thank you for your support in switching to 2FA. As members of the University community, all of us share the responsibility to create a more secure environment for ourselves, each other, and our University.

Take action! Keep using 2FA to protect your University accounts, and enable 2FA on your personal banking, retirement savings, tax, and other accounts to protect the rest of your personal information, too!