Last Updated: Friday, April 1, 2016
This article has not yet been rated.
Internet or email phishing is a common online threat. To help protect yourself, it’s important to be aware of common phishing scams to prevent becoming a victim.
What is email phishing?
Email phishing consists of emails sent with the purpose of gaining personal information from the email recipient, such as passwords or Social Security numbers. These messages are disguised as being from known companies or users, but are not from a legitimate source. These messages also often contain falsified website that are designed to look like the company's website, but they are setup to capture information that is then resold or otherwise used maliciously.
What are some common phishing attempts?
- Phishers will often send messages to users saying their email account will expire or be closed unless the user replies with their username and password. The phisher then uses the account information contained within it. Please remember that Hendrix College will never ask for your password under any circumstance, nor should there be any reason to share it. If you suspect someone may have access to your password or account, change your password immediately.
- Phishers will also ask for various forms of personal information, including Social Security numbers or bank account routing numbers and accounts. These types of messages often contain websites, mentioned above, that are designed to look like the company's (such as a bank or other financial institution) website.
How can I avoid being "phished"?
- Technology Services will never ask you to give or send us your password, especially via email. Other major account providers (Yahoo!, Gmail, MSN, Comcast, etc.) follow the same practices.
- Messages from Hendrix College Technology Services, especially regarding computing issues, will always be signed with one or more person’s name and title. If you receive a message where the name is not familiar, or the message does not conform to this standard, feel free to verify with the HelpDesk for verification.
- Many businesses or groups (such as the IRS) do not communicate via email.
- Avoid emails that ask for personal information to be sent via email, or provide links to be clicked. Always attempt to go to a known, trusted website link for a company to provide sensitive information.
- Keep your operating system, antivirus, anti-malware, and web browser software up-to-date.
More information about phishing and how to avoid phishing scams can be found here.
I may have given my information to a phisher. What should I do?
Immediately change your passwords, run a malware scan on your computer, and
contact the HelpDesk to make an appointment as soon as possible. The HelpDesk can then walk you through getting your account preferences set back to their original state.