Phishing, Scams, and Spams

We all get spam. These unsolicited emails are mostly just annoying, but some spam is dangerous phishing, messages luring us to turn over passwords or financial information. It’s easy to fall for a convincing phishing message - they’re designed to trick you. Security tools alone can't protect you from these quickly changing social engineering techniques. Here’s what you need to know to stay safe:

What are the dangers of phishing?

A phishing email has the potential to: 

• Infect your computer with a virus. 
• Install spyware or adware to watch your actions online.
• Convince you to providing personal information on a web site or return email. 
• Steal personal information from your computer.

Tips for Escaping Internet Phishers

1. Delete emails from unknown senders.

2. Only open expected attachments from people you know.

3. Treat your e-mail address like a credit card number - never submit it to a person or site you don't trust.

4. Never make a purchase directly from an unsolicited message.

5. Don't click links from commercial emails even if you trust the company; phishers can mask malicious content to look convincing from trusted sources - even the IRS!

6. Don't provide your e-mail on public forums or web sites.

7. Don't give out your name, SSN, telephone number, street address, birth date, credit card numbers, driver's license number, or vehicle registration plate number via email.

8. Keep your antivirus software and operating system current to fix and prevent vulnerabilities that spam or attachments could exploit.

9. Regularly check your free credit report at https://www.annualcreditreport.com/cra/index.jsp.

Can You Spot the Problems?

This is an example of a message intended to "phish" for a username and password.

Notice these red flags: 

• This email isn't addressed to anyone in particular. 
• It carries neither a name nor an eBay login name. 
• It threatens account suspension if you don't act quickly.

If you question the validity of a message like this (after all, you might well be an eBay account holder), it's best to load the eBay.com web site in a fresh browser window instead of clicking on a link from an email to put all fears to rest.

Reporting phishing, scams, or other attempts to defraud

Reporting to UDit - You can report phishing and phone scams to itservicecenter@udayton.edu. Knowing about scam attempts allows UDit to notify campus if necessary.

Reporting to Gmail - You can protect others outside of UD from scam emails, too. From your UD Gmail, click the “Report Phishing” option under the message reply options. If several users report a particular message, Google will begin blocking it.

Think you've been hacked?

• If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.

• If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.

• Contact the Federal Trade Commission's ID Theft Clearinghouse. 

  • Online: www.ftc.gov/bcp/edu/microsites/idtheft/ 

  • Phone: 877-438-4338, TDD 202-326-2502

• Report the problem to law enforcement agencies through NCL's Fraud Center, www.fraud.org.

Resources

Learn more about phishing at these websites: 

• https://www.consumer.ftc.gov/articles/0003-phishing 
• http://www.fcc.gov/cgb/consumerfacts/canspam.html 
• http://www.fraud.org/phishing www.sonicwall.com/phishing