Phishing – emails that try to get your password

What is phishing?

We just had an aggressive phishing attack on the campus. What is phishing, you ask? It doesn’t mean salmon or cod are trying to get into our classes. Phishing is when someone tries to trick you into giving up personal information (username, password, financial info) by pretending to be someone else. There is “bait” to “lure” you in. They often use that info to take over your email account to send spam, but sometimes they may try to get at your personal information and financial accounts.

How to recognize phishing?

There is no perfect test for recognizing phishing, but you can look out for these red flags. Also, if something seems suspicious it’s probably a scam and you should just delete the message.

  • You are being asked for your login or password, or being directed to go to a page and log in.
  • The message seems to come from out of the blue.
  • The message is poorly written or has spelling errors.
  • It tells you this is urgent or important, or that you will lose access if you don’t act now. They are trying to scare you.
  • The From: doesn’t match the content of the message. Keep in mind the From: can be made to be anything (just like postal mail: I can send you a letter and put the sender as “President of the United States”).
  • If you do click on the link (though we recommend you do not) be sure to look at the address in the address bar.
  • Augsburg IT will not ask you for your password and will generally not ask you to log in to a website.

Let’s look at the recent phishing email and see how many red flags it raises.

[Screenshot of the phishing email, 2013-02-13]

  1. You are being asked to log in and update your email address.
  2. The subject is pretty generic.
  3. There is a typo (can you spot it?).
  4. The From is wisc.edu and not augsburg.edu.
  5. If you clicked on the link it goes to alldayivebeenthinking.com/wp-content/themes/augsburg.edu.htm which looks a bit odd.
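The From and link checks above can be automated. The following Python sketch is an added example, not part of the original post; the sender address, subject and body text are constructed, and only the From domain and the link come from the email described above. It also generalizes slightly by catching hostnames that merely begin with the campus domain.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

ORG_DOMAIN = "augsburg.edu"

# Constructed sample: only the From domain and the link are taken from the post.
SAMPLE = """\
From: Help Desk <helpdesk@wisc.edu>
To: student@augsburg.edu
Subject: Email update

Please login and update your email address:
http://alldayivebeenthinking.com/wp-content/themes/augsburg.edu.htm
"""

def in_domain(host, domain):
    """True only if host is the domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def red_flags(raw, org_domain=ORG_DOMAIN):
    """Return a list of red flags found in a plain-text email."""
    msg = message_from_string(raw)
    flags = []
    # A matching From proves nothing (it can be forged); a mismatch is a flag.
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    if not in_domain(sender_domain, org_domain):
        flags.append(f"From domain is {sender_domain}, not {org_domain}")
    body = msg.get_payload()
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        parts = urlparse(url)
        host = parts.hostname or ""
        if in_domain(host, org_domain):
            continue
        # Only the hostname decides where a link goes; the campus name in the
        # path or at the front of another hostname is there to mislead.
        if org_domain in parts.path.lower() or org_domain in host:
            flags.append(f"link goes to {host}; {org_domain} is only decoration")
        else:
            flags.append(f"link goes to {host}, outside {org_domain}")
    if re.search(r"\b(log ?in|password)\b", body, re.I):
        flags.append("message asks you to log in or give a password")
    return flags

if __name__ == "__main__":
    for flag in red_flags(SAMPLE):
        print("RED FLAG:", flag)
```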

What should I do if I did enter my password?

  1. The first thing you should do is go change your password on Inside Augsburg.
  2. Don’t worry if you can’t log in to change your password; try the “Forgot password” link to reset it.
  3. If you can’t reset it, just call the Tech Desk or your LFC to get your account unlocked. If you gave up your password, it is very likely that they are already sending spam, and that Augsburg IT will detect the hundreds of emails being sent and will have changed your password to lock out the phishing attacker.
  4. After you have changed your password be sure to update your phone and other mobile devices with the new password.

This video by students at Cabrillo College will help you remember to watch out next time.
