📧 What Just Happened?

You received an email that appeared to come from WiCyS Georgia Tech offering discounted conference registration for WiCyS 2026. The email contained a "Register Now" button and a link to claim a limited-time 50% discount. That link brought you to what looked like the real WiCyS website — but it was a clone hosted on wicys.dev instead of wicys.org.

💳 Data That Could Have Been Stolen

• Payment transaction details. Information submitted during a time-sensitive professional registration process, resulting in an immediate financial transaction tied to a legitimate cybersecurity event.
• Registrant identity and professional affiliation. Name, institutional association, and role-based eligibility information used to validate access to conference-related benefits or future exploits.
• Contact information. Email address and related confirmation details necessary to complete and acknowledge the transaction.
• Engagement confirmation. Evidence that the target interacted with a professionally framed conference message appearing consistent with expected organization outreach.

💥 Potential Damage

• Direct financial loss. Unauthorized or misdirected charge associated with conference registration fees.
• Administrative and time burden. Target must identify the issue, dispute the transaction, and coordinate with financial institutions and event organizers.
• Erosion of trust. Exploitation undermines confidence in future event announcements and organizational communications.
• Reputation impact. Fraudulent activity may negatively affect the perceived credibility of legitimate event-related messaging.

🏳 Red Flags You Should Have Noticed

• The sender domain was wrong. The email came from @wicys.dev, not @wicys.org or @gatech.edu. Always check the full sender address, not just the display name.
• The website URL was wrong. You landed on wicys.dev, not wicys.org. Always check the address bar before interacting with any site.
• Too-good-to-be-true pricing. A 50% discount on conference registration available only through an email link is a classic urgency-and-scarcity tactic.
• "Limited spots remaining." Artificial scarcity pressures you to act before thinking critically about the legitimacy of the offer.

🛡️ How to Protect Yourself

• Always verify the sender domain. Hover over or tap the "From" address. @gatech.edu ≠ @wicys.dev.
• Check the URL bar. Before entering any information, confirm you're on the real site. Bookmark important sites.
• Verify discounts independently. Go directly to the official website or contact the organization to confirm any deals.
• Verify out-of-band. Got a suspicious email? Check the official website or message the sender on a trusted platform.
• Report phishing to GT. Forward suspicious emails to [email protected].
• Use 2FA everywhere. Even if your password is compromised, 2FA prevents account takeover.