Loading

Phishing Explained

Phishing scams are typically fraudulent e-mail messages appearing to come from legitimate enterprises (e.g., your university, your Internet service provider, your bank). These messages usually direct you to a spoofed web site and ask you for private information (e.g., password, credit card, or other account updates). The perpetrators then use this private information to commit identity theft.

An example of a phishing attempt is an e-mail message stating that you are receiving it due to fraudulent activity on your account, and asking you to "click here" to verify your information. Sometimes these messages even use the name of an organization you are a member of like HWS or a bank like Bank of America, this is called Spearing and a more complete explanation can be found in this article on the FBI's web site: www.fbi.gov/news/stories/2009/april/spearphishing_040109.

How to Avoid Them

Microsoft provides some great tips on how to spot "phish" in this article: www.microsoft.com/security/online-privacy/phishing-symptoms.aspx

To avoid phishing scams, never click the links provided within these types of e-mail messages. If you feel the message may be legitimate, go directly to the company's web site (i.e., type the real URL into your browser, or search for the webpage in Google) or contact the company by phone to see if you really do need to take the action described in the e-mail message. Delete the e-mail message from your Inbox, and then empty it from the deleted items folder to avoid accidentally accessing the web sites to which it points.

Be aware that IT Services at HWS will NEVER ask you to verify your account information via a web link, or to respond to an e-mail with your log in credentials. In addition, official IT Services communications will always originate from the e-mail address helpdesk@hws.edu.

Reporting Phishing Attempts

You can report phishing, spam and any scam attempts to the company that's being spoofed. You may also forward any message to spam@hws.spam. Forwarding messages allows for the HWS spam filter to “learn” what type of spam and phishing attempts may be circulating and adjust itself to better block these messages.

Some information supplied courtesy of Baylor University.