Phishing

  • Phishing

    "Dear IUP Email subscriber..."

    "Confirm your Webmail account..."

    "Your Email account upgrade..."

    When using email, you may come across suspicious messages. Some of these messages can be phishing attempts. Phishing messages will often ask you for personal information such as your password or credit card information. They may also try to convince you to perform a certain action, such as click on a link, open an attachment, send money, or buy gift cards. These messages are often crafted to appear like they came from a trusted authority or someone you know. It is important to be vigilant when using email.

    Noticeable signs of a phishing scam include the following:

    • Messages that ask for personal information such as username, password, bank account, or credit card number.
    • Messages with a sense of urgency. For example, “Your account needs upgraded.  Click this link or it will be deleted”.
    • Messages with an attachment that you weren’t expecting. These often times look like they are coming from a reliable source, but they are not (Fedex, Credit Card Companies, the IRS).
    • Messages that ask you to perform tasks like buying gift cards.
    • Messages that have a generic greeting rather than using your name (Dear Customer, Dear User, etc).
    • Messages with poor grammar or spelling mistakes.

    Ways to avoid phishing scams:

    • Never click on links or open attachments from users and email addresses with which you are unfamiliar.
    • Review the actual email address of the sender of the email to ensure it is valid.
    • Never give out usernames, passwords, or other sensitive information via email or telephone.

    IRS Tax Scams and Consumer Alerts is a web page published by the IRS informing taxpayers of common scams. You can learn more about these scams and how not to fall for them by visiting the web page. “The IRS does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.”

    Remember, the IT Support Center will never ask for your password via the phone or email. If in any doubt about the validity of an email message, forward the suspected phishing attempt as an attachment to abuse@iup.edu