Document Actions
Phishing
Phishing is the new word in consumer online security fraud for convincing the consumer to provide confidential information through a website or email. The information may be used for fraud, identity theft, or other compromise. The university community has recently seen emails falsely labeled from Citibank, PayPal, and others attempting to convince the user to surrender private information. The most hard-hit industry is currently financial.
Hackers are skilled at using emails to entice or alarm users to visit websites looking almost identical to the legitimate websites. Emails will ask the reader to provide confidential information or visit a website, looking almost identical to the legitimate site, and request personal information. Do not provide any personal information via email, or on a website unless the URL is secure (https://), and the site is legitimate. URLs included in the body of an email may not be legitimate. Go to the home website of the institution or call for verification of the email to the main number of the institution. Make sure the site is legitimate.
In summary, phishing is so prevalent that it has its own name. Phishing is a scam in which social engineering is used to steal confidential/personal information for criminal activity. Beware of emails that appear to be from legitimate institutions and websites that look like the real thing, they may be spoofed.
How not to get hooked by a phishing scam
http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm
Take the MailFrontier Phishing IQ Quiz
An interactive phishing quiz (Carnegie Mellon University)