Do you know what phishing is?
Phishing is an attempt to get personal and confidential information from you like your passwords/passphrases, credit card numbers, or your social security number. These phishing attacks usually happen in an e-mail or IM message and link you to a Web pageor ask you to respond with personal information.
Don't be a sucker... 10 ways to avoid getting phished
- Be suspicious of links provided in e-mails, and Instant Messages.
- If a link in an e-mail, IM, or Web page looks suspicious, use a search engine (e.g. Google) to find the correct Web site.
- If the address bar of your Web browser shows an address that doesn't match the company whose Web site you think you're visiting, use a search engine to find the correct Web site.
- If you're not sure if an e-mail was a phishing attack or not, check with the company directly before providing any information.
- Do not open unexpected attachments or visit suspicious Web sites assuming your computer will protect you from everything malicious. Even an up-to-date computer will not detect all malicious software.
- Urgent requests for information may indicate a phishing attack. "Respond within 24 yours or your account will be cancelled." Urgency is designed to get you to respond to something you would normally ignore.
- Generic messages (Dear Member/User) may indicate a phishing attack. Most businesses will personalize an e-mail with your name. While this is not a foolproof method for identifying legitimate e-mails, it does help identify illegitimate e-mails.
- Look out for requests for information that are not normal. CIT will never ask you for your passphrase. In fact, it is against the Policy on Responsible use of Technology to share your passphrase with anyone.
- Don't fill out forms in e-mails. Use a search engine to find the company's Web site and provide the information there.
- Bad spelling or grammar could indicate a phishing attack.
|
