Phishing and Spam Reminder

A particularly tricky, and highly believable, phishing email has been making its way through our campus email filters recently.  What people are receiving are attachments that are fake invoices and banking documents that look real, but they are meant to harm your computer.  The attachments contain malware, programs that can mess up your computer and/or steal confidential information.

So far, Sophos (our Antivirus and Anti-Malware software) has been blocking the malware when a user inadvertently opens an attachment (hopefully it is intercepting all of them).  This has prevented the malware from doing any damage, but we don’t want to put Sophos to the test any more.

If your computer starts acting up with unusual behavior (e.g., strange popups or unusual ads in web pages, etc.), please give the IT Help Desk a call.

How to spot phishing emails and spam

There are a few tell-tale signs you can look for to determine if an email is a phishing attempt and/or spam:

  • You were very likely not expecting an email regarding an end of month statement, an invoice for something recently purchased, or a money transfer.
  • The email is from a bogus email address.  This is not always the case, but if it looks like something just isn’t right, err on the side of not trusting it and call the Help Desk.
  • The source for the download (if there is a link) does not match the sender or even a well-known source.  Sometimes, an email mixes legitimate links (like www.westernunion.com) in with not-legitimate ones (www.somethingyouhaveneverheardofbefore.com), so you have to be sure to read, and pay attention to, the entire email and entire link.
  • There are obvious spelling and/or grammatical errors, but that is not always the case.
  • The email just doesn’t make sense or sounds too good to be true.  Why would anyone just want to wire transfer $5,000 to me from Europe or Africa if I just give them my information?

Tips for sending messages so your recipients do not think your message is spam

  • If you attach a document, make sure you tell your recipient  that you are attaching the document and perhaps offer a brief description of the contents.
  • If sending links, stick to well-known web sites or clarify if the sites are not.

What do I do if I receive a phishing attempt or spam?

  • If you can tell it is spam or a phishing attempt, please forward it to the helpdesk@malone.edu and then you can discard the message. Do not click any of the links.
  • If you are getting a lot of spam, let the IT Help Desk know
  • If you are not sure whether an email message is legitimate, you can contact the help desk or even forward it to helpdesk@malone.edu

What if I opened a phishing attempt that asks my password or to reset my password or clicked on a link?

If you find yourself having given your password out to someone through a phishing attempt or clicked on a link, you should…

  1. Call the help desk immediately and let us know what has happened.
  2. Change your password immediately. You can go to https://userid.malone.edu <–note the malone.edu address indicating that the link is legitimate, or
  3. You can also go to www.malone.edu and use the “Account Management” link located under the Malone Xpress log in page.
  4. Contact us at the IT Help Desk, letting us know that your account might have been compromised, so that we can monitor it for suspicious activity.

Remember that our office will NEVER EVER ASK for your password.

Any emails from help desk to the community will always come from helpdesk@malone.edu

Please contact the IT Help Desk if you have any questions or issues. We can be reached via email at helpdesk@malone.edu , via the web at http://www.malone.edu/helpdesk or by phone at 330.471.8428.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

We’re on Twitter!