MSU-Northern ITS: IT Security

MSU-Northern Home > ITS Home > IT Security > Phishing

Quick Links Help Desk - 3765 ITS Home IT Security Services Information About... Site Index In this section... IT Security Stay Updated! Passwords Data Security Firewalls Virus Protection While Traveling... Types of Threats E-mail Safety & Spam Phishing Types of Fraud Identity Theft Malware Web Surfing Safely Social Networks Online Harassment Copyrights & Peer-to- Peer (P2P) Applications Related Links (external) MSU Security Web Site Help Desk MSU-Northern students, faculty and staff - Use the ITS Help Desk as the first point of contact for your technology problems, questions & services! Information Technology Services Help Desk Walk-in Support: Cowan Hall 117B Telephone Support: 265-3765 E-Mail Support: itstech Report Security Incidents Report stolen devices (laptops, PDAs, etc) and suspected computer break-ins to ITS immediately. The sooner we know about an incident, the sooner we can respond, potentially limiting any damage. Last Updated: 19-Jun-2009
	Information Technology Services: Phishing Phishing messages are designed to look as if they were sent from banks, IRS, mortgage companies, brokerage firms, ISPs, or other legitimate organizations with which you may do business, such as Citibank, PayPal, eBay, etc. Tactics are improving, these emails look like they really are from your bank, eBay, paypal. They’re using better grammar, more believable stories and better URLs. They’ll also try to get you to open the email using subjects associated with a holiday, current events. These phishing messages instruct you to respond either through email or through a website with account numbers, passwords, social security numbers, or other sensitive information. The message may ask you to “update,” “validate,” or “confirm” your account information or face dire consequences. Protecting Yourself Keep your operating system, browser, antivirus a nd firewall software up to date so that your computer can help you in the fight. Be suspicious of links, attachments and unexpected e-mail messages. Delete any email that asks you to enter personal information at a linked website: Access your accounts directly by typing the URL yourself. Don't click on, or enter information in, pop-ups or ads. Never email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a lock icon () on the browser's status bar and the URL begins "https:" (the "s" stands for "secure"). Don't let your browser be "helpful" by allowing auto fill-out of forms or remember passwords. If your machine is compromised, they attacker will have all your information. Use common sense. If it sounds weird or too good to be true, it probably is. Bill Gates is not sharing his fortune and they can’t track the email you forward! Report phishing, whether you're a victim or not. Tell the company or agency that the phisher was impersonating. Most organizations have information on their websites about where to report problems. You can also report the problem to law enforcement agencies through the National Fraud Information Center/Internet Fraud Watch, www.fraud.org or 800-876-7060, TDD 202-835-0778. The information you provide helps to stop identity theft. Top of page Return to IT Security Home		It's up to you. Take these steps to help ensure the security of your identity and your computer. Security Updates Antivirus Software Firewalls Secure Passwords Malware Protection Phishing Tips Social Networking Be on the lookout! Other types of fraud you need to watch out for. Did You Know? Phishing can also happen by phone (vishing). You may get a call from someone pretending to be from a company or government agency, making the same kinds of false claims and asking for your personal information. Here's an example: A scammer calls claiming to work for the local court and claims you've failed to report for jury duty and an arrest warrant has been issued for you. You’ll say you never received any jury duty notification. The scammer then asks for your Social Security number, birth date, and sometimes even for credit card numbers and other private information so they can help clear up the problem. This information is exactly what the scammer needs to commit identity theft. Bottom line: Never give out your Social Security number, credit card numbers or other personal confidential information when you receive a telephone call. Got Phished? Can you tell the difference between a real or fake URL, or between a legitimate or spam email? Test your skills and learn at the same time! SonicWALL's phishing and spam IQ quiz is a great way to get you up to speed on email security!