Beware of Phishing Scams
As the College continues working remotely and teaching and learning online, it is a good time to remind students, faculty and staff about phishing emails that continue to circulate. Cybercriminals are creating coronavirus-related websites daily with the goal of scaring people into clicking and submitting valuable information that can compromise College systems as well as an individual’s personal information.
A couple of recent examples include:
- COVID-19 scams targeting college students
- Email that looks like it is from Johns Hopkins Center and has an Excel attachment which claims to have stats about the number of coronavirus deaths in America. If you open the attachment and click on “Enable Content”, it will download software that allows cybercriminals to take over your computer and steal confidential information.
There will be more scams like this, so please remember to always Think Before You Click! Do not click any links in an email unless you are expecting the email, and never click on links that request personal information.
Below are some tips to identify phishing and best practices to protect your personal information.
Forms of Phishing or Spam Emails or Requests
- They might appear to come from your bank or financial institution, a company you regularly do business with, the government, popular social networks, online payment processors and company IT Administrators. These entities would NOT use email to request confidential or personal information.
- They might appear to be from someone you have in your email address book.
- They might ask you to make a phone call. Phone phishing scams direct you to call a phone number where a person or an audio response unit waits to take your account number, personal identification number, password or other valuable personal data.
- They might include official-looking logos and other identifying information taken directly from legitimate websites, and they might include convincing details about your personal history that scammers found on your social networking pages.
- They might include links to spoofed websites where you are asked to enter personal information.
Best Practices to Protect Your Personal Information
- Do not click on links within an email that ask for personal information.
- Never enter your personal information in a pop-up screen.
- Only open email attachments if you are expecting them and know what they contain.
- Do not click “unsubscribe” in emails. These links are not always legitimate. Best practice is to mark as junk email or block sender.
- Know that phishing can happen over the phone.
- If someone contacts you and says you’ve been a victim of fraud, verify the person’s identity before you provide any personal information.
- Be suspicious if someone contacts you unexpectedly and asks for your personal information.
- Act immediately if you’ve been hooked by a phisher. If you provided account numbers, PINS or passwords to a phisher, notify the companies with whom you have the accounts right away.
Additionally, you can review more information regarding phishing and spam directly from the FTCs website under the consumer protection section: http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm
If you have any questions, please email the IT Help Desk at firstname.lastname@example.org.