Another "Pending Message" Phishing Scam

Summary

Cybercriminals are sending fake emails that look like official spam filter or "secure message" alerts. These emails claim you have important messages waiting, like unpaid invoices or tax documents. They try to trick you into clicking a "Move To Inbox" button. If you click it, you are taken to a fake login page designed to steal your username and password. This article explains how to spot the red flags and keep your account safe.

Body

Wait, That Was a Test!

You clicked a simulated phishing link as part of our Security Awareness Program. We want to help you learn how to spot these in the future.

Do not worry! This was only a simulation. Nothing bad happened and you do not need to change your password. We are here to help you learn, not to punish.

Let Us Break Down This “Pending Message” Phishing Email

From: Secure Message System <swaim@doctorican.org>

Red Flag Number One: Mismatched Sender Address

The display name shows Secure Message System, but the actual sending address is swaim@doctorican.org. A legitimate system notification from the university will originate from an official internal domain, not an unrelated .org address.

You don't often get email from swaim@doctorican.org. Learn why this is important

External Email: This email was sent from outside VIU. Treat links and attachments with extra caution.

Red Flag Number Two: System Warning Banners

The email client displays two warning banners at the top of the message. The banners notify you that the sender is external and unfamiliar. A legitimate internal email delivery system from the university will not trigger an external warning banner.

Failure Delivery Messages
Email Delivery Reports For your.name@viu.ca

Status  | Subject                          | Date       | Time
Pending | Urgent: Invoice Overdue          | 05/18/2026 | 08:14 AM
Pending | RRSP Statement and Contributions | 05/19/2026 | 11:22 AM

Red Flag Number Three: Psychological Manipulation

The subjects of the pending emails are Urgent: Invoice Overdue and RRSP Statement and Contributions. Attackers choose these subjects to trigger anxiety and financial curiosity. They want to pressure you into acting quickly without thinking.

Red Flag Number Four: The “Move To Inbox” Button

This button is the payload delivery mechanism. Hovering your mouse over the button without clicking would reveal a link pointing to a credential-harvesting site. Real university systems do not ask you to move files directly to your inbox.

Mail Encrypted by viu.ca All Rights Reserved. | If you do not wish to receive this message Unsubscribe

Red Flag Number Five: Contradictory Footer

The footer claims that the message was encrypted by viu.ca. The attackers include this note to build legitimacy. However, the claim contradicts the external sender address at the top of the email.
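
The sender, banner and footer checks from Red Flags One, Two and Five, written out as an added Python example that is not part of the original article or any VIU tooling. It assumes viu.ca is the only internal mail domain, and the keyword list for system-style display names is an assumption.

```python
import re
from email.utils import parseaddr

INTERNAL_DOMAINS = {"viu.ca"}  # assumption: the only internal mail domain
# Assumed keyword list for display names that pose as automated systems.
SYSTEM_NAME = re.compile(r"system|secure message|quarantine|delivery|admin", re.I)
# Footer-style origin claims such as "Mail Encrypted by viu.ca".
ORIGIN_CLAIM = re.compile(
    r"\b(?:encrypted|secured|protected|sent)\s+by\s+([a-z0-9.-]+\.[a-z]{2,})", re.I)


def is_internal(domain, internal=INTERNAL_DOMAINS):
    """Exact or subdomain match, so viu.ca.example.org is not internal."""
    domain = domain.lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d) for d in internal)


def red_flags(from_header, body):
    """Return the red flags from the article that this message trips."""
    display_name, address = parseaddr(from_header)
    domain = address.rpartition("@")[2]
    if is_internal(domain):
        return []
    flags = ["external_sender"]  # what the client's warning banner reports
    if SYSTEM_NAME.search(display_name):
        flags.append("system_name_on_external_address")  # Red Flag One
    if any(is_internal(m) for m in ORIGIN_CLAIM.findall(body)):
        flags.append("footer_claims_internal_origin")  # Red Flag Five
    return flags


# Header and footer as quoted in the article.
PHISH_FROM = "Secure Message System <swaim@doctorican.org>"
PHISH_BODY = "Mail Encrypted by viu.ca All Rights Reserved."

if __name__ == "__main__":
    print(red_flags(PHISH_FROM, PHISH_BODY))
```

A forged From header that uses an internal address passes this check, so it complements SPF, DKIM and DMARC evaluation rather than replacing it.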

What Is the Number One Thing I Could Do?

The number one thing you can do is treat your Inbox(es) like a school zone. Slow down when reading and acting on email.

We are all used to driving 10 km/hr over the speed limit on the highway. That behaviour can translate into our work. We are all super busy, and our attention is split. It is easy to be on autopilot without taking a moment to pause and think about what we are doing. However, I suspect none of us speed in a school zone. We slow down because of the heightened risk and greater impact of making a mistake on that stretch of road.

Email is the highest-risk area of your job: it is where you are most likely to be exploited and manipulated into granting access to, or sharing, sensitive information.

What Should You Do Next Time?

Is That "Missed Email" Warning Real? What to Look For
  • Stop and read the banners. Treat external email warning banners as yield signs. If an email claims to be internal but has an external warning banner, it is almost certainly malicious.
  • Don't click to verify. Open your browser and check your quarantine safely using our official guide, "How do I manage quarantined messages in Outlook?" If you need help, reach out to the IT Helpdesk.
  • Question urgency. Ask yourself: Is this really urgent, or is someone trying to rush me?
  • Report it. Use the Report button in Outlook for suspicious emails.
  • When in doubt, contact IT. We are here to help!

Details

Article ID: 15160
Created: Tue 5/19/26 5:50 PM
Modified: Tue 5/26/26 2:12 PM