You Have Just Taken Part in a Phishing Assessment

You have reached this Phishing Assessment web page because you clicked a link in an email that was crafted by STS Security to mimic some popular phishing scams.

Please read the following:

What is Phishing?

Phishing (pronounced "fishing") is a process by which someone tries to obtain your private information using deceptive means, usually by sending an email that appears to come from a business, bank, school, or other organization that you trust. The email may include a link that can take you to a counterfeit web site, which may closely resemble a trusted web site, where you may be asked for your password, social security number, account number or other personal information that can be used to steal your identity.

Did You Know?

  • Industry experts estimate that 500 million phishing emails appear in user inboxes every day.
  • It is estimated that there were nearly 33,000 different phishing attacks each month worldwide during 2012.
  • The total loss for various organizations comes to $2.1 billion over the last 18 months.
  • That there are multiple types of Phishing attacks.

Example of a Phishing Email

Here is an example of an phishing email. As you read the helpful information below, reference this example.

Example of phishing email

Helpful Information

Email in general:

There is very little risk in opening emails. In almost all cases simply opening an email is safe.

Email attachments:

Opening attachments or clicking on links in emails can be dangerous. Attackers can email you infected attachments or send links that take you to websites that trick you out of your information or silently hack your computer. Do not open attachments or click on links in emails that seem strange or suspicious.

Email links:

If you suspect that an email link is dangerous or misleading, there are a few methods you can use to reduce your likelihood of being phished.

First Method
Hover your mouse over any link (without clicking) that is suspicious or possibly malicious. It should reveal where the link will take you if clicked. If the URL is not exactly the same as the intended website, DO NOT click the link.

Second Method
If you are unsure as to the validity of the link such as your bank, credit union or other website, type the URL directly in the web address window rather than clicking on the link.

Phishing emails often...

  • Attempt to build credibility by spoofing a real company or governmental agency (may come from a known email address such as tn.gov or a generic email address such as gmail or yahoo).
  • Create a false sense of urgency requiring a quick response - (i.e.: "Your account will be closed...").
  • Insist on a call to action (click a link or reply with information).
  • Try to get you to click on a picture, Adobe Acrobat (.pdf) file or entice you to view or download an attachment.
  • Contain misspelled words or sentences with grammatical errors.

Always...

  • Use common sense when giving out personal information.
  • Be suspicious by default.
  • Never give out account or personal information by email.
  • Verify the information reported in the e-mail.

How to report a phishing email:

If you have received an email that you suspect is a phishing email, forward it as an attachment to spam.abuse@tn.gov or contact the Service Desk at (615) 741-1001 or (800) 342-3276.