All unwanted, unsolicited email is considered Junk Email. "Junk Email" is often used interchangeably with "Spam", with phishing emails being one of Junk Email's malicious subsets.
Information
Junk Email
Junk email, while annoying and even occasionally overwhelming, may have no malicious intent. For example, bulk email such as vendor emails for products and services, newsletters and free webinar offers, conferences you may or may not have heard of, to name a few.
Some Junk Email may also be Malware containing an infected attachment or executable, or worded to sound threatening with a link to provide payment within a short window of time to make the seeming threat go away.
Phishing
A junk email that is Phishing always has malicious intent. A Phishing email typically conveys a sense of urgency to convince you to do something so you act before you think, like clicking a link and entering your account login.
In its most simple form, a phishing email can trick you into giving up your personal account information. The hacker then accesses your account or sells your information, leading to bank overdrafts and maxed out credit, a damaged credit score and identity theft. A hacker can lock your account or computer until a requested ransom is paid. A phishing email can even send itself from your account to all of your contacts.
Phishing emails designed for organizations typically attempt to capture your username and password which the hacker then uses to gain network access. The email can also send itself to others in your address book potentially collecting other account credentials. The hacker uses these captured logons to work their way into key infrastructure and databases where they can harvest financial records, student and employee personal data, and even lock key infrastructure and services until a ransom is paid by your organization. The average cost of a single successful ransomware attack in higher ed can be hundreds of thousands of dollars.
Email suspected as phishing should be reported in Outlook and also immediately forwarded to UWSP's Information Security Department at phishing@uwsp.edu. Please forward suspected Phishing emails as attachments.
Contact the IT Service Desk with additional questions!