What is Phishing?
According to Securelist.com, "phishing is a type of Internet fraud that seeks to acquire a user’s credentials by deception. It includes theft of passwords, credit card numbers, bank account details and other confidential information." (https://www.securelist.com/en/threats/spam?chapter=85)
Common phishing messages state "Your mailbox is almost full", "Webmail Verification Update" or "Email Quota Limit Exceeded". These messages will usually ask for your firstname/lastname as well as your username/password. If you look closely at the sender’s email address, you will most likely notice that it is NOT an Owens email address that is sending this message. Owens ITS will never ask for this type of information.
An “embedded link” (URL) phishing attempt is one of the most common. An “Embedded link” email will ask you to click on a link to a website in an attempt to gain personal information or infect your system with malware. You will then be asked to enter your personal information (usually your login/password information for your email account, but also credit card numbers, bank account details and other confidential informaion). This type of email is also referred to as a “phishing attempt”. Phishing is defined as the act of sending an email to a user falsely claiming to be a legitimate enterprise/institution in an attempt to scam the user into surrendering private information (usually used for identity theft). If you provide your login information in one of these messages, immediately contact the IT Help Desk so your password can be changed. This will prevent your account from being used to “SPAM” other individuals’ email accounts. Do not click any links, including the unsubscribe links.
Example of Phishing email:
-----------------------------------------------------------
From: Owens Community College <sye0e@libero.it>
Subject: Notice
You've reached your owens.edu email maximum data allowance for this month, you may not be able to send or receive email with your email account again; you are to re-confirm your email account information to our admin panel by clicking on the following link: click here for re-validation of your email account.
Note its free.
Owens Community College System Admin
-----------------------------------------------------------
Often embedded link threats are difficult to spot because the scammers use real company logos. Hover your mouse over the logo or link (“Click here”) and the real URL (link address) will be displayed in the bottom left-hand corner of your browser window. This will help you determine if the link is a valid URL or a malicious URL.
Keywords: