U.S. officials are warning of potential cyber-attacks as a result of the war in Ukraine. They say every organization, large and small, must be prepared.

Vincentian employees can help defend against these types of attacks by keeping an eye out for phishing emails. These are fake emails designed by hackers to look like they’re from a trusted source – including Vincentian, one of our vendors, and credit card companies. The goal is to get you to click on the links and/or open an attachment so they can gain access to passwords, financial data, and personal information, or introduce a virus to your computer.

Vincentian IT recently conducted a mock email phishing campaign to test the knowledge and susceptibility of Vincentian staff to cyber-attacks:

  • Of the 213 emails delivered to employees with Vincentian email accounts, 53 emails were opened (23%).
  • In 19 of those emails (9%), employees clicked on an embedded link, replied to the email, or opened an attachment.

Employees who opened a mock phishing email received a separate email notice with additional information to help them identify phishing emails.

Six Ways To Identify a Phishing Attack
The best way to defend yourself and Vincentian against phishing attacks is to identify them before you can become a victim. Here are six ways to identify and avoid a phishing attack in your inbox:

  1. Threats: Requests for “immediate action” or a notification that “your account will be closed” or other negative consequence for failing to act are likely not real.
  2. Spelling and poor grammar: If you notice spelling mistakes or grammatical errors in an email, it might be a scam.
  3. Links in email: Pay attention to the links in emails, particularly if it has an unfamiliar extension at the end or one that is commonly used to infect your computer with malware – .zip, .exe, .scr. If you see a link in a suspicious email message, don’t click on it.
  4. Formal salutation: If you receive an email from a work colleague or common vendor that begins with a formal salutation, like “Dear XXXX,” or the email contains formal language not often used by work colleagues, check the sender’s email address to confirm the message is from them.
  5. Trust, but Verify: If you receive an email that asks you to deviate from a normal process— even if the email is from a trusted source, like your manager—verify the email’s instruction by calling the individual.
  6. Check the email Address: If you are suspicious of the source of the email, check the senders’ email addresses, especially when an email address belonging to a regular contact is unfamiliar. If the email is from someone you email regularly, compare it with the email address in previous emails.

If you receive a suspicious email, don’t open it.
Contact Vincentian’s Information Technology (IT) Department for assistance.