Have you noticed anything phishy about your email at work?

Information security experts at Penn report that there has been a recent rise in the number of fraudulent "phishing" emails sent to University employees. Some of these fake messages appear to come from official Penn email addresses.

To help you recognize potential online security risks and give you tips on how to avoid them, Penn’s Office of Information Systems and Computing (ISC) and Office of Audit, Compliance and Privacy have teamed up to develop a short online training program called “Information Privacy and Security at Penn.”

Employees can take the training at their own convenience on their desktop computers. It provides an overview of Penn’s privacy and security policies and procedures, and teaches faculty and staff how hackers use worms, viruses and other malware as bait to phish for private information online.

The training identifies resources to help employees meet the expectations of students, faculty, staff, alumni, visitors and others who entrust their confidential information to Penn. Employees can also learn how to safeguard their personal information at work and at home, and what scams security experts consider to be the largest computing threats today.

The training is interactive, with lots of information and links to additional resources, fun games and short quizzes. It takes about 20-25 minutes to complete.

To access the training session go to the University's Knowledge Link website. Log in using your PennKey and password, click on “Optional,” then enroll by selecting “Information Privacy and Security at Penn” from the list of available courses.

For more tips, see the One Step Ahead link on the ISC Information Security website at www.upenn.edu/computing/security.