Phishing

From CIT Wiki

Revision as of 10:11, 25 July 2016
Suspicious or "Phishy" Messages

Recently the campus was spammed with a batch of messages like this:

From: OBERLIN <jdoe@kent.edu>
Date: Fri, Jul 22, 2016 at 7:55 PM
To: undisclosed-recipients:;
Subject: (CIT) Help Desk

Submit your Oberlin College account because it seems that you can have
multiple accounts or using your account may be genuine.

If you do not submit your email you wont be able to access Oberlin
College email next time. Please follow the instructions to avoid the
disabling of your account, please kindly use the link below


Note that we will not be able to process your application unless you
have submitted an accepted way.

2016 © Oberlin College | All Rights Reserved

What is Phishing?

Phishing is defined by the US Computer Emergency Readiness Team (US-CERT) as "...an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information such as account usernames and passwords that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code."

A Taxonomy of Phish

  • Phish - A form of spam email intended to fool readers into divulging email account credentials to the sender. In other words, a phony fishing expedition.
  • Spear-phishing - A more narrowly targeted form of phishing aimed at a specific group, such as the customers of one bank or the students and employees of one college, often using details (names, logos, department titles) that make the message look legitimate. More likely to succeed.
  • Whaling - A form of spear-phishing targeted at CEOs, financial officers, and others with access to large bank accounts or other high-value assets that might be compromised.

The Dangers of Phishing Messages

These "phishing" messages often increase in volume and frequency at various times during the year. Spammers send them in an attempt to get you to divulge personal information which can then be exploited, mainly to steal money, steal your identity, or otherwise perform some malicious activity.

What can they do with your Oberlin College email account?

  • Use your email account to send harmful phishing messages to people in your address book
  • Modify your Oberlin web site (if you have one) to spread infectious files to visitors
  • Attempt to log into restricted Library reference material, costing Oberlin access fees
  • Attempt to access other College systems, such as Blackboard

Identifying Phishing Messages

There are some telltale signs that can help you determine whether a message was sent by Oberlin College CIT, HR, or other legitimate organization, or by a spammer hoping to steal your confidential information.

  • If you notice poor grammar, spelling, or punctuation, the message may be coming from a spammer.
  • If the message tells you to respond or click on a link or something dire will happen, such as your account will be deleted, or you will not get the forms you need, the message is likely from a spammer.
  • If the message includes links you did not ask for, the message is likely from a spammer.
  • If the message is not signed by an actual person, such as Chester Andrews, Director of Client Services, but is instead signed by a generic positional name, such as Administrator, Admin, HR, Account Manager, The Oberlin Team, eBay Admin, Bank Administrator, etc., then the message is very likely from a spammer.
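The telltale signs above can be applied mechanically to a raw message. The script below is an added example, not part of this CIT Wiki page: it uses only the Python standard library and runs the checks over the message quoted at the top of the page. The URL line inside that sample is a constructed stand-in (the page omits the actual link), the second message from "Jane Smith" is a constructed, hypothetical legitimate message for comparison, and the organization name, the domain oberlin.edu, and the phrase lists are assumptions. The grammar/spelling sign is left to the human reader, since it does not automate reliably.

```python
"""Heuristic phishing checks over a raw e-mail message (added example).

Uses only the Python standard library. ORG_NAME, ORG_DOMAIN and the phrase
lists are assumptions; SAMPLE_PHISH is the message quoted on the page with a
constructed URL line; SAMPLE_LEGIT is a constructed, hypothetical message.
"""
import re
from email import message_from_string
from email.message import Message
from email.utils import parseaddr

ORG_NAME = "oberlin"        # assumption: the name the phish impersonates
ORG_DOMAIN = "oberlin.edu"  # assumption: the organization's real mail domain

# Assumption: "do this or lose your account" phrasing typical of phish.
URGENCY_PATTERNS = [
    r"won'?t be able to access",
    r"disabl(?:e|ing) of your account",
    r"account will be (?:deleted|suspended|closed)",
    r"within \d+ hours?",
]
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)
# A named person signs "Firstname Lastname, Title" (e.g. "Chester Andrews, Director of Client Services").
PERSONAL_SIGNATURE_RE = re.compile(r"^[A-Z][a-z]+ [A-Z][a-z]+,\s*\S")

# Constructed sample: the message quoted on the page; the URL line is a stand-in.
SAMPLE_PHISH = """\
From: OBERLIN <jdoe@kent.edu>
Date: Fri, Jul 22, 2016 at 7:55 PM
To: undisclosed-recipients:;
Subject: (CIT) Help Desk

Submit your Oberlin College account because it seems that you can have
multiple accounts or using your account may be genuine.

If you do not submit your email you wont be able to access Oberlin
College email next time. Please follow the instructions to avoid the
disabling of your account, please kindly use the link below

http://example.invalid/verify

Note that we will not be able to process your application unless you
have submitted an accepted way.

2016 © Oberlin College | All Rights Reserved
"""

# Constructed, hypothetical legitimate message for comparison.
SAMPLE_LEGIT = """\
From: Jane Smith <jsmith@oberlin.edu>
To: staff@oberlin.edu
Subject: OCMail maintenance window this Saturday

OCMail will be unavailable from 6:00 to 8:00 AM on Saturday while Google
applies routine updates. No action is required on your part; your
password and settings are unaffected.

Jane Smith, Help Desk Analyst
Oberlin College CIT
"""


def _plain_text_body(msg: Message) -> str:
    """Return the text/plain body, decoding MIME parts when present."""
    if not msg.is_multipart():
        return msg.get_payload()
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            return raw.decode(part.get_content_charset() or "utf-8", "replace")
    return ""


def phish_flags(raw_message: str) -> list[str]:
    """Return one 'tag: detail' string per telltale sign found (empty list if none)."""
    msg = message_from_string(raw_message)
    flags = []

    # Display name claims the organization, but the address domain does not match.
    display_name, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    if ORG_NAME in display_name.lower() and domain != ORG_DOMAIN \
            and not domain.endswith("." + ORG_DOMAIN):
        flags.append(f"sender: display name {display_name!r} but address domain {domain!r}")

    # Bulk mailing hidden behind undisclosed-recipients rather than addressed to you.
    to_header = msg.get("To", "").lower()
    if not to_header or "undisclosed-recipients" in to_header:
        flags.append("recipients: hidden (undisclosed-recipients), not addressed to you")

    body = _plain_text_body(msg)
    text = " ".join(body.split())  # join wrapped lines so phrases match across line breaks

    hits = [p for p in URGENCY_PATTERNS if re.search(p, text, re.IGNORECASE)]
    if hits:
        flags.append(f"urgency: threatens loss of access ({len(hits)} phrase(s) matched)")

    urls = URL_RE.findall(body)
    if urls:
        flags.append(f"links: {len(urls)} unsolicited link(s): {', '.join(urls)}")

    # Look at the closing lines for a named person with a title.
    closing = [line.strip() for line in body.splitlines() if line.strip()][-3:]
    if not any(PERSONAL_SIGNATURE_RE.match(line) for line in closing):
        flags.append("signature: not signed by a named person with a title")

    return flags


if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legitimate", SAMPLE_LEGIT)):
        found = phish_flags(sample)
        print(f"{label}: {len(found)} flag(s)")
        for flag in found:
            print("  -", flag)
```

Run against the quoted message, the script reports five flags; the strongest single signal is the first one, a display name of "OBERLIN" on a message sent from a kent.edu address. The constructed legitimate message raises none. These checks are an aid to reading, not a spam filter: a message can pass all of them and still be a phish, and the rule in the last section still applies, since CIT never asks for your password by email.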


Identifying Fraudulent Websites

If you do not read the phishing message closely, you may click on a link without thinking and end up on a fraudulent webpage. But it's not too late! There are also some signs to look for on these sites to help you identify a scam before you enter your username and password.



What to do with Phishing Messages

Oberlin College CIT will never ask you for your password or email credentials in an email. Neither will other legitimate organizations. If you think a message looks "phishy", you are probably right to be suspicious.

There is little anyone can do in advance to block all phishing messages from reaching your inbox. If you've received a phishing message, staff members within CIT have likely also received it and are aware of the problem. Thus, there's no need to forward the messages to us. If you clicked the link or entered your credentials, change your ObieID password immediately, and do so by going to the official Oberlin site yourself rather than through any link in the message. In either case, click the "Report spam" button in OCMail (it looks like a stop sign with an exclamation point on it) to alert Google about the message and to help them refine their spam filtering capabilities.

Also, remain aware of potential phishing messages. Don't divulge personal information and don't click on links in unsolicited email.