Middlebury

Library & ITS Wiki

Library & ITS Wiki

Phishing and Scam Websites

(Difference between revisions)
(Added tag: 'Security')
m
Line 1: Line 1:
 
== Phishing Expeditions  ==
 
== Phishing Expeditions  ==
  
For people who ask that we notify the rest of the campus immediately about the latest scary message they got:  
+
For people who ask that we notify the rest of the campus immediately about the latest scary message they got:
  
 
Thank you for your concern.  We get more than a dozen different types of phishing attempts on this campus per week. We do not send out a warning about each one as we get complaints about being spammers ourselves every time we send an email about anything. We try to confine our warnings about this issue to no more than twice a semester.  
 
Thank you for your concern.  We get more than a dozen different types of phishing attempts on this campus per week. We do not send out a warning about each one as we get complaints about being spammers ourselves every time we send an email about anything. We try to confine our warnings about this issue to no more than twice a semester.  
Line 7: Line 7:
 
== For people who are asking if the phishing expedition is legitimate: ==
 
== For people who are asking if the phishing expedition is legitimate: ==
  
Thank you for checking with the Helpdesk on this issue. This is a phishing expedition designed to get you to reveal personal information about yourself that can be used to break into computer accounts and/or steal your identity. Please be assured that we would never ask for personal information such as your password, your Social Security number, your Mother’s maiden name, etc. '''<u>Never respond to E-mail requests for vital personal information unless you are the one who initiated the contact</u>'''.  
+
Thank you for checking with the Helpdesk on this issue. This is a phishing expedition designed to get you to reveal personal information about yourself that can be used to break into computer accounts and/or steal your identity. Please be assured that we would never ask for personal information such as your password, your Social Security number, your Mother’s maiden name, etc. '''<u>Never respond to E-mail requests for vital personal information unless you are the one who initiated the contact</u>'''.
  
 
Some perpetrators of phishing expeditions are becoming extremely clever and can convincingly mimic service providers (like us) or even government agencies such as the INS or IRS. Please feel free to check with us anytime you are uncertain about a request that is asking for information about you.
 
Some perpetrators of phishing expeditions are becoming extremely clever and can convincingly mimic service providers (like us) or even government agencies such as the INS or IRS. Please feel free to check with us anytime you are uncertain about a request that is asking for information about you.
Line 17: Line 17:
 
Thank you for forwarding the phishing expedition to us. Our network administration staff has been notified so they can block responses to this message. Delete the message and thanks again for being alert enough to recognize the scam.
 
Thank you for forwarding the phishing expedition to us. Our network administration staff has been notified so they can block responses to this message. Delete the message and thanks again for being alert enough to recognize the scam.
  
Please be assured that we would never ask for personal information such as your password, your Social Security number, your Mother’s maiden name, etc.  
+
Please be assured that we would never ask for personal information such as your password, your Social Security number, your Mother’s maiden name, etc.
  
 
&nbsp;
 
&nbsp;
Line 42: Line 42:
 
[[Category:Phishing]]
 
[[Category:Phishing]]
 
[[Category:Phishing expedition]]
 
[[Category:Phishing expedition]]
[[Category:Email fraud]]
+
[[Category:E-mail fraud]]
 
[[Category:Helpdesk Documentation]]
 
[[Category:Helpdesk Documentation]]
 
[[Category:Security]]
 
[[Category:Security]]

Revision as of 09:38, 17 April 2013

Contents

Phishing Expeditions

For people who ask that we notify the rest of the campus immediately about the latest scary message they got:

Thank you for your concern.  We get more than a dozen different types of phishing attempts on this campus per week. We do not send out a warning about each one as we get complaints about being spammers ourselves every time we send an email about anything. We try to confine our warnings about this issue to no more than twice a semester.  

For people who are asking if the phishing expedition is legitimate:

Thank you for checking with the Helpdesk on this issue. This is a phishing expedition designed to get you to reveal personal information about yourself that can be used to break into computer accounts and/or steal your identity. Please be assured that we would never ask for personal information such as your password, your Social Security number, your Mother’s maiden name, etc. Never respond to E-mail requests for vital personal information unless you are the one who initiated the contact.

Some perpetrators of phishing expeditions are becoming extremely clever and can convincingly mimic service providers (like us) or even government agencies such as the INS or IRS. Please feel free to check with us anytime you are uncertain about a request that is asking for information about you.

 

For people who are reporting a phishing expedition that we are not aware of:

Thank you for forwarding the phishing expedition to us. Our network administration staff has been notified so they can block responses to this message. Delete the message and thanks again for being alert enough to recognize the scam.

Please be assured that we would never ask for personal information such as your password, your Social Security number, your Mother’s maiden name, etc.

 

For people who are reporting a phishing expedition that we are already aware of:

Thank you for forwarding the phishing expedition to us. We are already aware of this particular one but always appreciate being informed in case we haven’t heard about it yet. Please delete the message if you have not already done so.

 

For people who have responded to a phishing expedition and then realized their error:

Thank you for notifying us that you responded to a phishing expedition. Please start your browser and go to http://go.middlebury.edu/activate and change your password immediately. This will help protect your computing accounts and the Middlebury College network. Please let us know when you have completed the password change. If we don’t hear from you in a reasonable amount of time we will have no choice but to temporarily disable your accounts. Thank you for your prompt attention to this matter.

 

Clever web sites look like the real thing, but are not what they appear to be...

Sometimes, malicious web sites / web pages, may pose as legitimate, trying to trick you into revealing some private information. Firefox 2 and above, Internet Explorer 7 and above, as well as Safari 3.2 and above, have built-in phishing protection. However, in some cases, if you suspect that a site may be malicious, you can lookup the site at http://www.phishtank.com/ to see if anyone else has reported this website as malicious.  Also, please contact the Helpdes at x2200 when you suspect an email phishing expedition is underway on campus.