Body
We all get spam. These unsolicited emails are mostly just annoying but some spam is dangerous phishing (i.e. messages luring us to turn over passwords or financial information). It’s easy to fall for a convincing phishing message because they’re designed to trick you and security tools alone can't protect you from these quickly changing social engineering techniques.
These topics will help you stay safe:
What are the dangers of phishing?
Tips for Escaping Internet Phishers
Can you spot the problems?
Reporting Phishing, Scams, or Other Attempts to Defraud
Think you've been hacked?
Additional Resources
What are the dangers of phishing?
A phishing email has the potential to:
- Infect your computer with a virus.
- Install spyware or adware to watch your actions online.
- Convince you to providing personal information on a web site or return email.
- Steal personal information from your computer.
Tips for Escaping Internet Phishers
-
Delete emails from unknown senders.
-
Only open expected attachments from people you know.
-
Treat your e-mail address like a credit card number - never submit it to a person or site you don't trust.
-
Never make a purchase directly from an unsolicited message.
-
Don't click links from commercial emails even if you trust the company; phishers can mask malicious content to look convincing from trusted sources - even the IRS!
-
Don't provide your e-mail on public forums or web sites.
-
Don't give out your name, SSN, telephone number, street address, birth date, credit card numbers, driver's license number, or vehicle registration plate number via email.
-
Keep your antivirus software and operating system current to fix and prevent vulnerabilities that spam or attachments could exploit.
-
Regularly check your free credit report at https://www.annualcreditreport.com/cra/index.jsp.
Can you spot the problems?
This is an example of a message intended to "phish" for a username and password.
Notice these red flags:
- This email isn't addressed to anyone in particular.
- It carries neither a name nor an eBay login name.
- It threatens account suspension if you don't act quickly.
If you question the validity of a message like this (after all, you might well be an eBay account holder), it's best to load the eBay.com web site in a fresh browser window instead of clicking on a link from an email to put all fears to rest.
Reporting Phishing, Scams, or Other Attempts to Defraud
Reporting to UDit
You can report phishing and phone scams to itservicecenter@udayton.edu. UD Gmail users also have the ability to report suspected phishing messages through the KnowBe4 Phish Alert Button (PAB) add-on. This feature sets itself apart from Gmail's standard "Report Spam" option by providing users with a specialized tool to enhance the identification and reporting of potential phishing attempts. The Phish Alert icon looks like this:
For additional information, read the following article: Reporting Suspected Phishing Emails with the Phish Alert Add-On
Knowing about scam attempts allows UDit to notify campus if necessary.
Reporting to Gmail
You can protect others outside of UD from scam emails, too. From your UD Gmail, click the “Report Phishing” option under the message reply options. If several users report a particular message, Google will begin blocking it.
Think you've been hacked?
-
If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
-
If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
-
Contact the Federal Trade Commission's ID Theft Clearinghouse.
-
Report the problem to law enforcement agencies through NCL's Fraud Center, www.fraud.org.
Additional Resources
Learn more about phishing at these websites:
https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
http://www.fraud.org/phishing www.sonicwall.com/phishing