<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
@font-face
{font-family:Webdings;
panose-1:5 3 1 2 1 5 9 6 7 3;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle19
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1277711444;
mso-list-type:hybrid;
mso-list-template-ids:-1208085608 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Good afternoon,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>I’ve received several emails already asking if this is a legitimate email or not. I normally respond by asking for everyone’s analysis of this email first, then I provide comments to make sure everyone knows how to identify these types of emails. In this case, I’ve decided to provide my analysis since so many people are asking.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><span style='mso-list:Ignore'>1.<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>First, the “FROM:” address is a red flag. Normally, when someone from UIT or IT Security sends an email, a person’s name and email address are shown. Here, the person’s name is “University of Houston” and the email address is <a href="mailto:donotreply@central.uh.edu">donotreply@central.uh.edu</a>. Just because the email address is @central.uh.edu (or @uh.edu), it doesn’t mean that the address is legitimate or the person actually sent it. Email addresses can be spoofed (fake) to look like it came from a legitimate email address, so we know not to rely solely on the email address to determine legitimacy.<o:p></o:p></span></p><p class=MsoListParagraph><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><span style='mso-list:Ignore'>2.<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Second, the email body is very vague. No description of what the “important message” is, and why we have to click on it to read. The majority of official UH announcements include the contents of the message in the email so we don’t have to click on a website to read it. Most UIT or IT Security emails have plenty of contents and not just a brief one-liner emails.<o:p></o:p></span></p><p class=MsoListParagraph><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><span style='mso-list:Ignore'>3.<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Thirdly, you should never click on a web link from an email until you know exactly where that link will lead you to. To find out where that link goes to, hover the cursor over the link to reveal the web address (without clicking on it). In this case, the link takes you to nevesta.dn.ua/xxx/xxx/xxx. Please remember that the important part of a web address is BEFORE the first “/”. In this case, the main web address is a Ukraine website (nevesta.dn.ua). The slashes “/” following the web address are just links from the main web address, which should NOT be factored into determining the website’s origin. The slashes here tries to trick you into thinking it’s a my.uh.edu link, when it’s not.<o:p></o:p></span></p><p class=MsoListParagraph><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><span style='mso-list:Ignore'>4.<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Lastly, there is no one’s name in the signature. No legitimate email should just show the organization and not the person sending the email.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>It’s important that all these parts of the email are considered together to determine legitimacy. For example, the phishing email can contain three legitimate parts out of the four stated above, but that one remaining part that still raises a red flag should cause you to stop and reconsider before acting. In cases that that, please call or email me and include your analysis of the email so we can talk about all the parts of the email that will determine legitimacy. Remember, there is no rush to click on an email if even one part raises suspicion. It’s better to report it rather than click it, when it comes to suspicious emails! <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Thanks to all those who brought this email to my attention. If you’ve happened to click on the link already, please call or email me immediately.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Sincerely,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Kiet Luong<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Director of Engineering Computing<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>College Information Security Officer<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Cullen College of Engineering<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>University of Houston<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Email: KietL@uh.edu<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Voice: 713.743.9974<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><div><div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal style='margin-bottom:12.0pt'>---------- Forwarded message ----------<br>From: <b>University of Houston</b> <<a href="mailto:DoNotReply@central.uh.edu">DoNotReply@central.uh.edu</a>><br>Date: Fri, Jan 13, 2017 at 10:45 AM<br>Subject: Important message from UH Faculty/Staff<br>To: <br><br><o:p></o:p></p><div><p class=MsoNormal style='background:white'><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:#212121'>Dear Employee:</span><span style='font-size:11.5pt;font-family:"Segoe UI",sans-serif;color:#212121'><o:p></o:p></span></p><p class=MsoNormal style='background:white'><span style='font-size:11.5pt;font-family:"Segoe UI",sans-serif;color:#212121'> <o:p></o:p></span></p><p class=MsoNormal style='background:white'><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:#212121'>You have new important message from Faculty/Staff.</span><span style='font-size:11.5pt;font-family:"Segoe UI",sans-serif;color:#212121'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:#212121;background:white'><br><a href="http://nevesta.dn.ua/classifieds/includes/system.my.uh.edu.html" target="_blank">Click here</a> to read<br> <o:p></o:p></span></p><p class=MsoNormal style='background:white'><strong><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:black;background:white'>Thank You</span></strong><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:black;background:white'><o:p></o:p></span></p><p class=MsoNormal style='background:white'><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:#222222;background:white'>Information Technology Services(ITS)</span><span style='font-family:"Arial",sans-serif;color:#222222;background:white'><o:p></o:p></span></p><p class=MsoNormal style='background:white'><strong><span style='font-family:"Arial",sans-serif;color:black;background:white'>University of Houston</span></strong><span style='font-family:"Arial",sans-serif;color:#222222;background:white'><o:p></o:p></span></p><p class=MsoNormal style='background:white'><span style='font-family:"Arial",sans-serif;color:black;background:white'> </span><span style='font-family:"Arial",sans-serif;color:#222222;background:white'><o:p></o:p></span></p><p class=MsoNormal style='background:white'><span style='font-family:"Arial",sans-serif;color:#222222'> <o:p></o:p></span></p><p class=MsoNormal style='background:white'><span style='font-family:"Arial",sans-serif;color:#222222'> <o:p></o:p></span></p><p class=MsoNormal style='background:white'><b><span lang=EN style='font-size:8.0pt;font-family:"Arial",sans-serif;color:navy'>CONFIDENTIALITY NOTE</span></b><span lang=EN style='font-size:8.0pt;font-family:"Arial",sans-serif;color:navy'>: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information.</span><span style='font-family:"Arial",sans-serif;color:#222222'><o:p></o:p></span></p><p class=MsoNormal style='background:white'><span style='font-family:"Arial",sans-serif;color:#222222'> <o:p></o:p></span></p><div><p class=MsoNormal style='background:white'><span lang=EN style='font-size:8.0pt;font-family:Webdings;color:green'>P</span><b><span lang=EN style='font-size:8.0pt;font-family:"Arial",sans-serif;color:navy'> </span></b><span lang=EN style='font-size:8.0pt;font-family:"Arial",sans-serif;color:green'>Please consider the environment before printing this e-mail</span><span style='font-family:"Arial",sans-serif;color:#222222'>.<o:p></o:p></span></p></div></div></div><p class=MsoNormal><o:p> </o:p></p></div></div></div></body></html>