AITS: Phishing – Don't Click on That!

image of the words phishing scams

August 2016 – Greetings. I hope everyone is having a great summer. A new academic year brings new attempts from the bad guys of this world to get their hands on passwords, personal information and your money!

What is Phishing and how does it work?

Simply put, phishing is an attempt to trick individuals into providing personal or financial information to criminals. Phishing is usually attempted via email, but can just as easily arrive as an instant message, social media communication, or text message. On the surface, phishing messages appear to come from legitimate sources like a bank or IT support. These messages will instruct a user take some action like clicking on a link, logging onto a fraudulent webpage, or providing other personal information such as credit card numbers. Phishing relies on confusing the targets of the scam to coerce them into providing this information.

What do phishing attempts look like?

Phishing can appear authentic and often will use company logos or address a user by name. Sometimes these messages claim that a user's account has become suspended or that it will be deleted if they do not respond. Other messages might claim that the user already has become a victim of a hacking scheme and should login or provide their credentials to protect themselves. Methods used by phishers become more and more sophisticated as we become more informed regarding their tactics.

How to protect yourself!image of dictionary definition of the word phishing

Here is the simplest counter to phishing: Don't open suspicious email or click any links from a suspicious message. Remember that personal information or passwords will never be requested by financial companies, social network companies, or UNT IT staff. If you are unsure of the validity of a message, contact the agency directly through your normal means. For example, if you received a message from your bank that seems suspicious, call or email them directly to inquire about the message. Do not click any links or login to any websites that you are directed to within the email. While at UNT, forward any suspicious messages to your local IT support. We can investigate and can take action to block these messages in the future.

Oops. I clicked the link and entered my account information. What now?

Don't panic! Take the following steps.

  • Contact your local IT support at UNT. Your local IT department can help identify what campus resources might be affected. We are here to help!
  • Login directly to any accounts that either may have been affected or share the same username or password. Do this from another computer or phone if possible. Follow the instructions on those sites to change your password.
  • TIP: It is a good idea to keep your usernames and/or passwords different for different sites. This limits the amount of reach that a bad guy would have into your accounts.
  • Contact your bank, credit card companies and other financial institutions. If you entered login information for your bank or provided personal information to an unknown source, contact these folks right away.
  • Scan your computer for malware: UNT ITSS offers free downloads of McAfee virus scanning software to all students and UNT employees. This software can be found at https://itss.untsystem.edu/security/antivirus-download.

Editor's Note: Please note that information in each edition of Benchmarks Online is likely to change or degrade over time, especially the links to various websites. For current information on a specific topic, search the UNT website, UNT's UIT Help Desk or the world wide web. Email your questions and comments to the UNT University Information Technology Department or call 940-565-2324.

Top