Threats to personal and institutional information security are an ongoing reality for network connected individuals and organizations. Attackers can leverage publically available information to send a message designed to trick recipients into disclosing personal or other sensitive information (phishing). The University has filters that block the delivery of known phishing messages, and these are updated once ITS is notified of new fraudulent messages. Unfortunately, security risks evolve continuously, and while they can be managed and reduced, they cannot be eliminated entirely. Message recipients have an important role to play. They can use basic security awareness and knowledge to make choices that thwart rather than aid an attack. However, we have received feedback that suitable information is not always easy to find, and in response, we are producing a series of short IT security articles that will be made available at security.uconn.edu under “Essential Security.” The first pertains to phishing, but if you have suggestions or ideas for other related topics that will help empower our community, forward these directly to firstname.lastname@example.org.