What is Phishing?
For those that are unfamiliar with this term, Phishing describes an attempt by a disreputable entity to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. While the most common platforms for Phishing are in e-mail or instant messaging, it is becoming more common on social networking sites as well that include chat rooms or other environments where web links can be shared and where attackers can disguise their identity.
How does this happen at Centre College?
One of the most common forms of phishing attack in higher education environments is still the official looking emails claiming be from the institution’s technical support team and usually take the form of an message asking for their user ID and password, with a threat of account deactivation if they fail to reply. These specifically crafted phishing attempts are primarily focused on gaining access to email accounts to enable them to send malicious email to other systems with the appearance of coming from our legitimate mail system.
How do I spot a Phishing message?
- Asks for sensitive information such as usernames, passwords, account number, SSN, credit card numbers, etc.
- You did not initiate the communication (it is unsolicited).
- Includes a link that you are somehow encouraged to “click on.”
- Obvious typographical and grammatical errors that the sender they are masquerading as would not make.
- Legitimate emails from ITS will contain one of the following in the subject line: [CentreITS:CIO] [CentreITS:SYSADMIN] [CentreITS:ADMINCOMP] [CentreITS:HELPDESK]
So, why are these qualities a strong indication of a Phishing message?
- 1. No reputable institution that you have dealings with would ever ask for or attempt to obtain sensitive information via unsolicited electronic communication.
- 2. On the rare occasions where password resets and similar communication are conducted via electronic message, it should only be as a result of an action that you initiated. (NOTE: If you receive such a message from an institution you are affiliated with, you should be sure to contact them using your normal methods of communication,do not use those prescribed in the message.)
- 3. Web links force a user to enter an electronic environment controlled by an attacker. Not only can they solicit your sensitive information but they can perform further automated attacks on your computer. This greatly increases the value of the attacker’s interaction with you.
- 4. Phishing attempts are by definition a malicious act and as such are more frequently perpetrated by attackers for whom attention to detail is not as common a trait. The Phishing “industry” is one that prizes quantity over quality.
What do I do if I accidently respond to one?
- 1. If possible,change the password or access credentials immediately. (NOTE: make sure to record this new information securely until you are able to commit it to memory)
- Contact the ITS Helpdesk for the resource that you may have compromised. Speed is critical, attackers can begin exploiting your information in minutes! At Centre College, you should contact the ITS helpdesk at 859-238-5575 or e-mail firstname.lastname@example.org.
- Keep the original message until the Helpdesk support team tells you that it is okay to delete it.
If you would like to read more about Phishing, and look at some examples, any of the links below provide great information from authorities in higher education and beyond:
- Microsoft Safety and Security Center: http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx
- US-CERT (Federal Government): http://www.us-cert.gov/nav/report_phishing.html and http://www.us-cert.gov/cas/tips/ST04-014.html
Think you have it down when it comes to spotting Phishing? Test yourself online at: http://www.sonicwall.com/furl/phishing/. How did you do?
Please feel free to contact the Centre College ITS helpdesk at 859-238-5575 or e-mail email@example.com if you have any questions or concerns.