Similar to many, I treated this as spam email and deleted without opening.
I failed the test. I had a birthday recently and was sent an online greeting card from a friend. The phishing scam asked me to click a link to receive a greeting that was waiting for me, but had no name in the From box. I think I would have been more suspicious if it came from an unfamiliar name.
Some of these phishing emails are kind of tricky. Lots of us get the greeting card one a lot from family or friends. One time I got a missed voice message subject phishing email once and I know the phone system does act up, so I almost opened that one, too. I did pass both of these as I did google on my phone first the subject of these emails to see if something about spam or virus came up. My question is…what if we report one that we think is phishing and it is actually a real genuine email that we need to read, etc. will it come back to us to open? and if it does will it come back for us to open in a decent amount of time or will it be weeks? Thanks.
This is more confusing than helpful. I received this and as with all e-mails I do not recognize I merely deleted it. To know if it's phishing wouldn't you have to open it and wouldn't that be worse? I would think the deletions should have counted as a good thing not a 75% failed. We obviously need some clarification please!
I received this email and I can tell you exactly why I failed the test, what was going through my mind when I read the most recent test email. I had received a previous email a couple of weeks earlier that I thought suspicious for phishing. I reported the previous suspicious email, and received a response back that it was a false alarm, that because the email did not ask me for any personal information, it was not a phishing attempt but rather spam. So when I got the latest test email, and it did not ask for any personal information, I figured it was safe, not worthy of reporting, opened it, and BAM, fail. I am now more confused than ever about what to look out for and what to report.
Jump to this post
I completely agree. It seems we are receiving conflicting instructions.
"More than 75 percent of recipients fell victim to the campaign email." Did 75% actually open the email, or is that a combined opened and/or deleted the email? I got a "congrats" pop up when I clicked the "phish" button after searching for one of the older links about how to recognize phishing versus spam to see if you wanted us to report that type of email or not, but I was a little disappointed that it wasn't easier to find a FAQ/what to do on the Help Desk homepage as that was the first place I checked. This is what I used: http://intranet.mayo.edu/charlie/office-information-security/how-to-spot-a-phish/, but I think this link is even more helpful: http://newsletters.mayo.edu/newscenter/Article.aspx?contentID=DOCMAN-0000163198
Good Morning April, Good question. The campaign sent emails to just over 60,000 individuals. We had 51% of those individuals interact with the email. Of the individuals interacting with the email, approximately 75% of them clicked on the link. More information about phishing can be found on the Office of Information Securityâ€™s website which can be found at: OIS Office of Information Security
I did report it, but only after my co-worker showed me where the button was to report it! I knew it was something I wouldnâ€™t open and would normally have just deleted it like everyone else! Maybe more education on the reporting button is needed! I know now!
To be honest, with Mayo's emphasis on teambuilding, I actually thought it was someone showing appreciation. Also, due to my lack of knowledge, can you explain how opening this email would have sent out information. I thought information could only be obtained when we responded back answering questions regarding passwords etc.
I first inquired through the helpdesk email to ask if this was one I should forward to them to check out since that has been our process in the past at our site but was advised to not forward or just delete it, but click on the "Phish" button which I did and recieved a congratulations email. I agree this was a very good learning test for all and I will remember to just go "Phish" in the future.
Mayo Clinic has an E-Card site you can go to (http://mayoweb.mayo.edu/humanresources-recognition/ecards.html) to recognize your co-workers. It comes to your email in the same fashion the phishing email did. You have to click a link to a non-Mayo website to view the e-card. I heard some of my co-workers clicked on the phishing email because they thought it was one of these.
That's exactly what I thought, that it was a Mayo e-card for me.
If we report something as Phishing it leaves our email but what happens if it truly was not Phishing will we get the email back so we can respond?
Hi Carol, If you report an email inadvertently, it can be recovered in either your Sent Items folder or your Deleted Items folder in Outlook. Office of Information Security
How do you report Phishing on an iPad?
Hi Ken, A mobile solution is not currently offered for this tool. If you receive a suspicious email on your mobile device or your Mac product, it can be reported to the Office of Information Securityâ€™s Threat and Response Team at: tarc.mayo.edu. More information about phishing can be found on the Office of Information Securityâ€™s website which can be found at: OIS Office of Information Security
Sure, I thought that the e-mail looked a little suspicious. However, it wasn't actually phishing for personal information. I also did my due diligence of research on the domain name and found it to be safe, but then I opened the link and was notified that I had failed the experiment. This seems to be a failed experiment for both parties involved, though.
When will the phishing button be added to the Mac version of Outlook? I received the email and immediately deleted it since I don't have that function.
Karl, The Report Phishing button for Mac devices should be deployed by mid-summer. In the meantime, you can report suspicious email directly to the Office of Information Securityâ€™s Threat and Response Team at tarc.mayo.edu. Office of Information Security
version 188.8.131.52Page loaded in 1.073 seconds