Week 3 - Cybersecurity Awareness Month

​It's Week 3 of Cybersecurity Awareness Month, and this week's focus is on one of the most common, and costly, online threats: phishing.

What is Phishing?

Phishing is a form of social engineering where attackers impersonate trusted sources (like your bank, a vendor, College President, or even your company's IT department) to trick you into revealing information or downloading harmful content.

Comment tactics include:

• Fake login pages that steal your credentials
• Urgent requests claiming your account will be locked, or payment is overdue
• Attachments disguised as invoices, reports, HR documents, or other files
  
• Links that appear legitimate but lead to fraudulent websites

Phishing can appear across multiple channels:

• Email phishing – The most common, often disguised as legitimate business communication
• SMiShing – Phishing via text message
• Vishing – Voice-based phishing where scammers call pretending to be from tech support, HR, or someother legitimate source
  
• Social Media Phishing – Fake profiles or messages prompting you to "verify" information

Attackers often use urgency, curiosity, or fear to make you act before thinking, like clicking a link or providing information quickly to "fix" a problem.

How to Spot a Phish?

Keep an eye out for these red flags:

• Misspelled or slightly altered email addresses (e.g., "micros0ft.com")
• Unexpected requests for sensitive data or login credentials
• Generic greetings like "Dear Customer" instead of your name
• Grammatical errors, odd phrasing, or formatting issues
• Links that don't match the sender's domain (hover before you click)
• Unusual urgency or emotional manipulation ("Act now to avoid suspension!")

Why Reporting Matters?

Reporting suspected phishing attempts doesn't just protect you, it helps safeguard the entire organization. Each report gives IT valuable information to:

• Investigate potential threats
  
• Warn others if the attack is widespread
• Block malicious senders or domains before they cause harm
  

To enter the raffle, complete the Wordle, perform a screen grab of your game and attach it to an e-mail addressed to moconnor@kcc.edu. Winner will be announced on October 27th.