Don't Get Hooked by Phishing Scams
What is phishing?
Phishing scams – a technique often used by hackers and identity thieves to compromise accounts and install malware – continue to grow in number and sophistication.
Phishing is a social engineering method in which the phisher uses email or a phone call to lure unsuspecting recipients into giving their personal, financial, or other sensitive information to commit identity theft, gain access to their accounts, or hack their computer.?The email or call normally appears to come from a legitimate person and may even target a specific group (e.g. members of the MSU Denver community), which is known as spear phishing.
Why it's important to avoid phishing scams.
Conmen have been tricking people out of their money for thousands of years, and impersonating someone else is nothing new. E-mail, websites, and chat programs just make it easier to trick people out of their money. Identity theft is the fastest growing crime in America.
Example of an phishing e-mail:
DO NOT RESPOND to these messages!
These messages are fake. They are being sent by hackers trying to trick you into giving them your password so they can take over your e-mail or steal your identity and drain your bank account!
This technique is called "phishing." They are phishing (fishing) for victims. See the example below.
What you can do
ITS has compiled the following tips to help you avoid falling prey to phishers:
- Scrutinize all emails before downloading attached files or clicking links. Verify that the email address of the sender is legitimate and someone you know.?
- Don’t click on unrecognized links. Want to know where a link is actually going? Hover over it with your mouse cursor to reveal the actual web address.
- Be skeptical of any email with urgent requests for personal financial information. Not sure about a request? Call the company to verify.
- Be skeptical of messages that have poor spelling or grammar, sloppy formatting, or a generic greeting such as “Dear Customer” rather than your name.
- Beware of common intimidation tactics such as “Urgent action required!” or “Your account has been compromised!” Call the company to verify if you’re concerned.
- Don’t download “free” software onto your PC, always follow MSU Denver’s security policies! The Information Security Policies are available on the MSU Denver Policy webpage.
There are thousands of different scam techniques. You should always be on your guard and you MUST always be very protective of your confidential information.
Online conmen use e-mail, websites, and chat programs to trick people into providing them with private and confidential information (such as credit card information, date of birth, etc.). They can use this information to make unauthorized charges to your credit cards, or use your identity to take out loans in your name. Such "phishing" scams often come as an official looking e-mail that appears to have come from your bank, credit card company, online storefronts like Amazon or eBay, online payment systems like PayPal, etc. The e-mail usually says there is something wrong with your account or that they need to verify your information. These messages have been forged and are fraudulent. These organizations will never contact you by e-mail to verify your information, or to inform you of a problem with your account. You should just delete these messages; never reply to them and never follow their instructions. If you need to contact your bank or credit card company, call the phone number that is printed on your monthly statement. If you need to contact an online storefront or other online service, don't use any phone numbers or links provided from the malicious e-mail; visit their website, either with the direct address or via a web search, and use the contact information provided there.
If you receive a malicious or suspicious email or phone call to your MSU Denver email or phone number, please forward the information to spam@msudenver.edu.
Also see