What is phishing?
Phishing is a cyber-crime where individuals are contacted via email by someone posing as a legitimate business or institution. These emails may contain links to fake institution websites whose look and feel is identical to the legitimate one. Some of these fake websites are so well done that it’s almost impossible to tell them apart unless you look at the URL.
How do I detect a phishing email?
You can identify phishing email attempts through a few common methods including:
- Luring emails:
Phishing scams often include lucrative offers and eye-catching or attention-grabbing statements in the emails.
- Urgent emails:
A favorite phishing tactic is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond.
- Link to another Website:
When phishers send you a link to your bank’s homepage and you click on the link, you will be sent to a different phishing website which looks very much like the official website. On the site, you will be provided with spaces to enter personal information like credit card numbers, SSN, PIN, password, date of birth, and so on. Once you submit the information, the phishers gain access to this personal information which can be used to conduct online transactions, or even to submit loan applications in your name.
- Spam Mails:
Use the drawbacks of current security techniques to access sensitive information. It’s not uncommon for phishers to send millions of emails at one time.
- Generic names:
If the emails do not contain your name, you should be suspicious. Generally, these emails will address users as “Dear Customer” instead of using proper and valid names.
What else can I do?
If you receive a phishing email please forward the phishing email to firstname.lastname@example.org. Once received we will use this information to block the sender and the phishing link on campus to prevent others from accidentally following the link.
ICT has also created a location to store all reported phishing attempts for students, faculty and staff to view the latest and most common phishing emails making the rounds.
Take IT Security Awareness Training
Online information security training is available to all members of the university community. The training modules take you through best practices for how to protect your personal information and contribute to a safe information technology environment for the university.
Learn more about Phishing
Please reference the links below for general tips for identifying phishing attempts for all accounts.
Current Phishing Attempts at the U of S