Coming soon: A helpful way to avoid getting hooked

Information Assurance will soon be introducing a “Report Phishing” button to the Outlook email system used within Michigan Medicine. The button will be handy way to report quickly and efficiently any email that seems a little “fishy.”

Phishing is a kind of identity theft where criminals try to trick people by email into providing their personal data such as passwords, credit card numbers and banking details. Users are typically asked to click a link which seems completely legitimate but may contain malware or give access to the scammer.

The new Report Phishing button will appear on the Outlook menu bar. Pressing the button will automatically delete the questionable email in one’s inbox, send an alert to IA, and generate a ServiceNow ticket.

Don’t get hooked: Simulated phishing campaign

Once the button is in place, all of Michigan Medicine will participate in a simulated phishing email campaign. If someone clicks a link in a simulated message, they will receive some educational materials and tips on how they might have identified a suspicious email. If they select the phishing button, they will be thanked for reporting and notified that they correctly identified a potential phish.