
   
Don't Be the Catch of the Day!
 
 

What is Phishing?
Phishing attacks use 'spoofed' e-mails and fraudulent Web sites designed to trick recipients into disclosing personal financial data, such as credit card numbers, account usernames and passwords, and social security numbers. By hijacking the brands of well-known banks, online retailers and credit card companies, phishers are able to scam the recipients into surrendering private information that is used for identity theft. The e-mails direct the users to visit a Web site, where they are asked to update personal information that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

Recently, phishing attacks have become increasingly sophisticated by exploiting vulnerabilities in popular Web browsers, such as Internet Explorer and Mozilla. Many times, there is no way to determine whether the e-mail is fraudulent or legitimate. To minimize your risk, never click on a link. Instead, type in the URL where you want to go.

Phishing, also referred to as brand spoofing or carding, is a variation on "fishing": the bait is thrown out in the hope that some will be tempted to bite.


Educate Yourself!
Take the MailFrontier quiz to see if you can spot "real" e-mails from "phish".
http://survey.mailfrontier.com/survey/quiztest.html


10 Tips from the Anti-Phishing Working Group:
  1. Be suspicious of any e-mail with urgent requests for personal information.
  2. Don't be fooled by e-mails with upsetting or exciting (but false) statements that require you to react immediately.
  3. If you suspect the message might not be authentic, don't use the links within the e-mail.
  4. Don't fill out forms in e-mail messages that ask for personal financial information.
  5. Communicate information, such as credit card numbers, only via a secure Web site or telephone.
  6. To make sure you're on a secure Web server, check the beginning of the URL in your browser address bar. It should be "https" rather than "http". (The "s" stands for secure.)
  7. Consider installing a Web browser toolbar, such as EarthLink's Scamblocker, to alert you before you visit known phishing fraud Web sites (eBay also has a similar tool).
  8. If an e-mail message is not personalized, assume it's not a valid message.
  9. Log in to your online accounts regularly, to check bank, credit and debit card statements. Make sure that all transactions are legitimate.
  10. Ensure that your operating system and browser are up-to-date and security patches have been applied.




© 2004, Information Technology Division, Oklahoma State University