For the final week of National Cybersecurity Awareness Month, please find below Week 4 communication: “Recognizing and Reporting Phishing.”

I would also like to take this opportunity to remind you to participate in the cybersecurity course available in Blackboard. You are already enrolled in the CSI101 Cyber Security Training. To access, log into Blackboard using your CUNY Login credentials (Username: Firstname.Lastname##@login.cuny.edu). You may also access the course by logging into Blackboard directly, navigating to My Organizations, and clicking on the CUNY CSI101 Cyber Security Training organization.

Thank you for your continued support.

By Patricia Kahn, PhD


Welcome to the fourth and final week of National Cybersecurity Awareness Month. This week we focus on “Recognizing and Reporting Phishing” with information on how to stop and think before clicking on a link or message attachment and spotting red flags that suggest suspicious content.

Helpful Tips:

You can find more information on the following helpful hint topics on the National Cybersecurity Awareness Alliance Website and quick tip sheet:
-Be wary of malicious links in messages offering a “reward” or “free gift.”
-Do not verify your account in response to an unsolicited email or text by logging into a Webpage or updating your credentials. -Do not click on any links -– even the unsubscribe link -– or reply back to the email.
-A phishing scheme can also install malware onto your device.
-If you are able to recognize spam or phishing emails, just delete them.
-If you suspect an email is phishing for your information, it’s best to report it quickly to your IT HelpDesk.
-Only verify account information using customer service contact and Website information provided in monthly statements or original account documentation.

Additional Resources:
-Gain more knowledge via Recognizing and Reporting Phishing Infographic.

Facts and Figures:

-Nearly three out of four companies experienced a phishing attack in 2020. (Symantec)
-72% of respondents reported that they checked to see whether messages were legitimate (i.e., phishing or a scam) compared to 10% who reported not doing so. (NCA)
-Nearly half of the participants (48%) reported phishing emails to the sender (e.g., the real person the cybercriminal tried to impersonate by sending the phishing email). (NCA)
-42% of the participants said they used the reporting capability on a platform (e.g., Gmail) “very often” or “always.” (NCA)

Our emails and supporting information are available from the National Cyber Security Awareness Month (NCSAM) page on the CUNY Website. We also provide a growing security resources list on the CUNY Information Security pages. You may also want to visit the OUCH! Website to read recent security articles or subscribe to the world’s leading, free security awareness newsletter designed for technology users.

If you have any questions about any of this information, please contact your college’s Information Security Manager.