You clicked a potentially dangerous link in a DHS phishing test!

Secure UD Logo

The University of Delaware has partnered with the US Department of Homeland Security (DHS) to test the security of UD's IT resources. As part of these tests, the DHS launched a simulated phishing attack against UD email accounts.

Recently, real phishing attacks on UD have begun using UD branding and terminology to trick UD employees into compromising the security of UD accounts, devices, and networks. This phishing test is designed to determine how vulnerable our users are to this prevalent and significant threat.

In a real phishing scam, clicking that link could have led to the compromise of

  • your account,
  • your device, and
  • the UD network.

Remember, never click unverified links in emails. Also, no legitimate organization will ever ask you for your credentials or personal information through email.

Phishing scams use links to malicious Web pages to

  • infect your computer to steal your University or private information or take control of your computer, or
  • lead you to fake Web pages to trick you into surrendering your account information.

If you encounter a suspicious email, report it to IT immediately.

The following links will help you educate yourself about phishing threats and best practices for avoiding them.
Review related resources

Use the following links to get more information about phishing attacks and how to identify and avoid them.

Learn to recognize phishing tactics
Phishing email scams try to defraud you by getting you to act without thinking.
  • The lure: Phishing email often expresses urgency ("Click immediately to repair your bank account.") or contains an element designed to shock you into action--e.g., a notification that your cellphone bill is $1,913.65.
  • The hook: If you click the link or reply to the message and provide the information the scammer asks for, he has gotten you to swallow his hook.

    No legitimate organization will send you email asking you to provide confidential information by just replying to the email or clicking a link.

  • Spear phishing: Recently, scammers have begun tailoring their phishing attacks with UD branding and terminology to trick UD employees into biting.
Learn to recognize the traits of a phishing scam
  • Inspect links and learn to recognize trustworthy and untrustworthy links. In the examples below, notice that the trustworthy example includes the name of a UD system right after the "http://" part of the link, and that the unstrustworthy example tries to trick a UD person by using "u-del.com" as the first part of the link and using "udel" in the link as well. 
       Trustworthy: http://sites.udel.edu/threat
   Not trustworthy: http://sites.u-del.com/autho/udel/account.php
  • Often, but not always, phishing scams contain typos, grammatical errors, or non-fluent English.
  • Phishing scams are often addressed generically but ask for personal information. No bank will include a dozen customers' email addresses on a note about your account. The UD IT Support Center will not send email addressed "Dear User."
  • If email asks for your account's password, your Social Security number, or other private information, it's a phishing scam.
  • More annotated phishing examples from UD

If you have questions about phishing, spear phishing, and other ways hackers use email, computers, and networks to try to steal your personal information, contact your unit's or college's IT staff or contact the IT Support Center.

You are a target. Information security is everyone's responsibility.

If you require further assistance with the instructions or information on this page, contact the IT Support Center Link opens in a new window.

Search IT Help

My UD Search for forms & applications.