| |
Phishing is the practice of sending out fake emails, or spam, written to appear as if they have been sent by banks or other reputable organizations, with the intent of luring the recipient into revealing sensitive information such as usernames, passwords, account IDs, ATM PINs or credit card details. These emails usually claim that it is necessary to "update" or "verify" your customer account information and they urge people to click on a link from the email which takes them to the bogus website or provide account information through an email reply. Any information entered on the bogus website or through email will be captured by the criminals for their own fraudulent purposes.
-
If you get an email or pop-up message that asks for personal or financial information, do not reply. Never click on any links within the body of the email. The University of New Orleans will never ask for this information via email. If you are concerned about your account, please contact the UCC Help Desk at 280-HELP or email helpdesk@uno.edu. In any case, don't cut and paste the link from the message into your Internet browser - phishers can make links look like they go to one place, but that actually send you to a different site.
-
Use anti-virus software and a firewall, and keep them up-to-date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
-
Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
-
A firewall helps protect you on the Internet and blocks all communications from unauthorized sources. It's especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit.
-
Never email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
-
Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
-
Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can breach your computer's security.
to top
The number one place used to be posts on Usenet newsgroups (also called "discussion groups" on some systems, "bulletin boards" on others). Newsgroups are "publicly" readable; whether you post your message on your local ISP or on a major 'net service, your message can be spread worldwide by Usenet in a matter of hours, and it -- with your posting address -- is easily sucked up by advertisers.
The current most-common place to get your address is from web pages. If your e-mail address is listed on a web page anywhere on the 'net, especially if that page is listed in a search engine or directory, spammers will find it, and fairly quickly. Tip: try searching for your own e-mail address in Google. If you can find it there, spammers can too -- easily.
Spammers "harvest" fresh addresses by going to web sites and "scanning" for e-mail addresses anywhere on the site The software can, for instance, ask a search engine for any page that has the word "cat" in it and grab the addresses off those pages for a "targeted" list of people with a presumed interest in cats. It takes only minutes to gather thousands of addresses. Of course, how "targeted" that list might be is a matter of opinion. A "cat" might refer to a feline animal, a tractor, an abbreviation for "category", etc. But spammers don't really care if you're interested in their message or not. The key, for them, is to blast out their nonsense to as many people as possible because a very tiny percentage of them will fall for their scam.
Other sources for addresses actually includes messages you sent privately to friends -- if they forward your note to a large group (which happens all the time, especially if you're telling a funny story), and a spammer happens to be a friend of a friend of a friend, your address can easily be culled from the headers. Other places include open e-mail discussion lists and, ironically, web pages that say "put your address here if you want to be on a 'do not mail' list"; often, these lists are sold to the very advertisers you want to avoid!
to top
Please forward a copy of the spam message along with full internet headers to our Spam team at abuse@frontbridge.com. One spam message per submission, please. Submitting a group of messages in an attachment is not the best way as much of the original spam message can be lost.
Please forward a copy of the message along with full internet headers to our False Positive team at false_positive@frontbridge.com. They will review the message and adjust our filters where needed to prevent the exact message from being tagged as spam moving forward.
to top
Latest Update:
July 10, 2008
|
|
