Information Security Office
Phishing and E-mail Scams
Phishing attacks are a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
What Information are Phishers After?
Phising attacks go after the following information:
- Usernames and Passwords
- Credit Card Numbers and CVS codes (The 3-5 digit codes on the backs of credit/debit cards)
- ATM/Debit Card Information
- Social Security Numbers
- Banking Information (Account Numbers, Routing Numbers)
Never Provide any of this Information via E-mail!
- No reputable organization or business will ever ask you for confidential information via e-mail.
- Never respond to an e-mail from a source you are not 100% sure the sender is legit. When in doubt call the organization or business but DO NOT use contact information found in the e-mail.
- Always check the authenticity of a website before you provide personal information
- Never click on a link in a suspicious e-mail because it may take you to a malicious website.
- Always bookmark sites you do business with.
- Phishing e-mail will often have a sense of urgency. ("Your
account will be closed if you don't..." etc.) They may also contain strange words, misspelled words or
unusual or awkward phrasing to help them avoid SPAM-filtering software.
What to do if You Were Phished
- Report it to the Help Desk (5555)
- If you believe your financial accounts may be compromised, contact your financial institution immediately.
- Watch for any unauthorized charges to your account
- Consider reporting the attack to the police, and file a report with the Federal Trade Commission or the FBI's Internet Crime Complaint Center.
Vaild Sources that are Frequently Spoofed
- Chase (Fraud Information)
- Zions Bank (Important Information about Online Security)
- Bank of America (Reporting and Resolving Fraud)
- US Bank (E-mail Fraud Information)
- Wells Fargo (How to Protect Yourself)
- Western Union (Consumer Fraud Awareness)
- Amazon (Identifying Phishing or Spoofed E-mails)
- Ebay (Privacy Information)
- Paypal (Protect Yourself from Fraudulent E-mails)
- IRS (How to Protect Yourself from Suspicious E-Mails or Phishing Schemes)
- Yahoo (How do I report spam?)
- your employer
- help desk personnel
- IT organization
- vishing (Phishing via Phone)
What You Can DO
- OIT will NEVER ask for your password!
- If it sounds too good to be true, it probably is!
- If the message does not appear to be authentic, it’s probably not.
- Check to see if the content of the message appears in search engine results (known scam, etc.
- Watch for typographical errors, bad formatting, poor grammar, etc.
- If the message asks you to send your information to them, rather than the other way around.
- If you do not have an account with the company supposedly sending the email.
- Facebook Scams: To learn about scams on Fabcebook follow the link.
Check for Scams Online
More Information for Online Safety