Benchmarks Online

Skip Navigation Links

Page One

Campus Computing

Project Management Practices at UNT

JAWS 9.0 has arrived!

Spring Break Hours

Today's Cartoon

RSS Matters

The Network Connection

Link of the Month

Helpdesk FYI

Short Courses

IRC News

Staff Activities

Subscribe to Benchmarks Online
    

Helpdesk FYI

By Jonathan "Mac" Edwards, Assistant Manager of the CITC Helpdesk

Phishing

Recently UNT has seen a rash of Phishing email messages. A Phishing Email is described as “an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication."1 

Generally these messages request that you verify your account by following a link, and then entering sensitive data such as your username, password, social security number, and date of birth. Unfortunately these links lead to a website hosted by the scammer, and once you submit your information you have given away everything needed to access your account.  These websites can be convincing, and look exactly like a company’s actual website.

Fortunately it is very easy to protect yourself from such scams. As a rule the Helpdesk will not email users requesting sensitive information such as their date of birth, social security number, and password.  This holds true for most businesses. If you receive an email requesting you respond with, or fill out a form with, sensitive information it should be regarded as a Phishing attempt.  If you would like to verify the validity of such an email, contact the company in question at their publicly listed (not one listed in the email) support desk phone number.

Sometimes even the most astute can fall prey to these scams.  This can quickly lead to a compromised account. If you fear your UNT account has been compromised you first should change your password, and secret question to avoid any further misuse of your account.  You should then report the incident. Information for reporting a security violation can be found at http://security.unt.edu/incidentreporting. Students who feel they may be the victim of a Phishing scam can report the incident to the CITC Helpdesk at helpdesk@unt.edu .

The Security Team (http://security.unt.edu) has posted the following information regarding Phishing scams on their website:

UNT system administrators and staff will never ask for your UNT password. Immediately change your password and discard the old one. The senders of the fake email are collecting valid credentials to use for access to UNT services, especially email through which spam can be sent. Report the incident to your supervisor and system administrator, so any additional containment or handling can be coordinated. 
 

  • References

  • 1http://en.wikipedia.org/wiki/Phishing

    Recently appearing in Benchmarks Online:

     


    Originally published, March 2008 -- Please note that information published in Benchmarks Online is likely to degrade over time, especially links to various Websites. To make sure you have the most current information on a specific topic, it may be best to search the UNT Website - http://www.unt.edu . You can also search Benchmarks Online - http://www.unt.edu/benchmarks/archives/back.htm as well as consult the UNT Helpdesk - http://www.unt.edu/helpdesk/ Questions and comments should be directed to
    benchmarks@unt.edu

     

    Return to top