Emails which try to lure you into giving away personal information such as bank account numbers, credit card numbers, passwords and social security numbers are commonly referred to as Phishing scams. While the campus works diligently to block these scams, there will always be some emails which make it to your inbox. This issue of Titan Tech Talk, and the next, will offer information to help you avoid falling prey.
The groups behind Phishing scams go to great lengths to entice you into handing over your identity. Phishing scams may take on the appearance of an official request for information from the University, the State or the Federal government or a reputable company. Many of these Phishing scams may also go so far as creating "look-a-like" websites that are designed to closely resemble an official site by copying the official site's style, logos, images, navigation menus and other components.
Tips to help identify these scams:
They request sensitive information - Be skeptical. Has your account really been violated? Do you really need to update your account information? It is highly unlikely that a legitimate institution would request sensitive information in such a way.
The email looks legitimate - Most legitimate emails and websites look professional. Phishing scams try to fool you, but like a counterfeit dollar bill, they just do not look right. Look for bad grammar, bad spelling and bad design. If your instincts tell you something is too good to be true or there is something which feels strange, it probably is.
Generic greetings - The email does not specifically address you or uses a generic greeting. Institutions know exactly who you are and will refer to you by name in emails.
There is a disguised hyperlink - Verify the web address. You can usually verify the address by using your mouse pointer and hovering over the link sent in the email. If the first part of the web address consists of numbers, the site should not be trusted. For example http://184.108.40.206/PayPal/account/ is an untrustworthy address. Even though "PayPal" is part of the address, the first part contains numbers (called an IP address). This is a sign that something is not right.
For more up-to-date security information visit the Security Blog: http://securitynews.fullerton.edu/latest/