Benchmarks Online

Skip Navigation Links


Page One

Campus Computing News

Protect Yourself From Phishing

Mean Green VM Machines

EDUCAUSE in San Antonio -- "Making IT Work for Everyone"

Today's Cartoon

RSS Matters

The Network Connection

Link of the Month

Helpdesk FYI

Short Courses

IRC News

Staff Activities

Subscribe to Benchmarks Online
    

Protect Yourself From Phishing

By Gabe Marshall, Information Security Analyst

This is the second in a three-part series of articles the UNT Information Security Team prepared as a part of their own security awareness program. The first article was published last month in Benchmarks Online.

In recent years, UNT has become a common target of an increasingly popular email attack method known as “Phishing”. The attack usually has no specific target (much like actual fishing), and uses various lures in attempt to trick users into believing the email is legitimate. Hackers who design and distribute these attacks are normally seeking passwords, social security numbers, or any other type of valuable information.

Specifically to UNT, the past year has shown several occurrences of email messages appearing to be from UNT IT Support asking users for their passwords. How come nothing is done to prevent these emails, you might ask? Unfortunately there is only so much that can be done from a technical standpoint. Email can easily be forged to appear benign due to the fact that the “TO” and “FROM” headers in email are largely arbitrary text. The best advice is to simply be careful with the emails you open and respond to. Pay special attention to the links you are about to click on as well as the type of information you are about to send out.

If you receive an email that you’re not quite sure about, try to keep an eye out for any of the following telltale signs of common phishing emails.

  • Emails not addressed specifically to you.
     

  • Simple and reoccurring misspellings.
     

  • Frequent grammar errors.
     

  • Monetary offers for complying with their request.
     

  • URLs (links) in the message body that do not match what is shown in the email footer.

Remember that sensitive information should never be requested through email, even if it appears to be from a valid source such as a bank, government agency, or even UNT. If you’re still unsure about the legitimacy of an email, you can always forward it to the UNT Information Security team security@unt.edu, 565-4062.

To find out more about Information Security and the training opportunities we have available at UNT, visit our website at www.unt.edu/security.

 

Originally published, November 2008 -- Please note that information published in Benchmarks Online is likely to degrade over time, especially links to various Websites. To make sure you have the most current information on a specific topic, it may be best to search the UNT Website - http://www.unt.edu . You can also search Benchmarks Online - http://www.unt.edu/benchmarks/archives/back.htm as well as consult the UNT Helpdesk - http://www.unt.edu/helpdesk/ Questions and comments should be directed to benchmarks@unt.edu

 

Return to top