Tech Tip 13 - Phishing

Published: 9/26/2012 8:06 AM

​Phishing is a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly.

 

The types of confidential information solicited usually includes but are not limited to; bank account information, network usernames & passwords, social security numbers, birthdates, etc.  
 
As detailed on Microsoft.com, here are a few explanations of the most common types of phishing scams:
 
-  They might appear to come from your bank or financial institution, a company you regularly do business with, such as Microsoft, or from your social networking site.
 
-  They might appear to be from someone you know. Spear phishing is a targeted form of phishing in which an e-mail message might look like it comes from your employer, or from a colleague who might send an e-mail message to everyone in the company, such as the head of human resources or IT.
 
-  They might ask you to make a phone call. Phone phishing scams direct you to call a customer support phone number. A person or an audio response unit waits to take your account number, personal identification number, password, or other valuable personal data. The phone phisher might claim that your account will be closed or other problems could occur if you don't respond.
 
-  They might include official-looking logos and other identifying information taken directly from legitimate Web sites, and they might include convincing details about your personal information that scammers found on your social networking pages.
 
-  They might include links to spoofed Web sites where you are asked to enter personal information.
 
According to the System Administration, Networking, and Security Institute (SANS), if an email message contains any of the following phrases, there's a good chance it could be a phishing scheme.
 
A.  "We need to verify your account information."
B.  "If you don't respond immediately, your account will be cancelled."
C.  "Click the link below to update your information."
 
To provide feedback or submit a technical topic/question you’d like to see addressed, please send e-mails to Matt.Jury@education.ky.gov
 
Published 3/19/2010