Information Technology

Phishing

Announcements

  • To report a phishing email or if you have a question about the authenticity of an email, please forward a copy of it to abuse@umb.edu.

Phishing, Scams, Adware, Spyware

Phishing and other scams are serious business. If you fall for an online scam, you risk exposing your personal or financial information and could cause the University's online services to be blacklisted. Read on for information on how to protect yourself.

What do the words mean?

Introduction

Phishing activities are on the rise. According to the recent Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG), the total number of unique phishing reports submitted to APWG in January 2008 was 29,284, an increase of over 3,600 reports from the previous month. Almost every day, newspapers, blogs and RSS feeds carry the sad tales of lost identities and pilfered life savings.

What is Phishing?

According to the APWG:
"Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials.

Social-engineering schemes use 'spoofed' emails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond.

Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.

How to Protect Yourself

You can improve your odds of avoiding the headaches associated with phishing by following the steps listed below.

The simplest 1-2-3 advice is: 1. Be wary 2. Stay vigilant 3. Use common sense. For a few specifics, follow this APWG list of tips to prevent being hooked by a phishing attempt:

Read the full article Consumer Advice: How to Avoid Phishing Scams for more details. See also the FTC Consumer Alert: How Not to Get Hooked by a 'Phishing' Scam.

Sharpen and Test Your Skills

There are several excellent tutorials to help you spot phishing attempts and learn how to avoid them, and quizzes to test your awareness of various phishing tactics. You may wish to check out one or more of the following listed here.

Tips, Tutorials & Videos

Quizzes