Skip to Content
Home
Maps
Calendar
Site Index / Search
Directory
  St. Edward's University

Computer Help
Internet Safety - Phishing
Faculty and Staff Information
Student Information
Computer Competency
Computer Training
e-mail
Hardware & Software support
How Do I?
Internet Access
Technical Acquistions
Viruses, Worms & Spyware
 
Computer Help
Information Technology

What is Phishing?
Phishing is an attempt to get you to reveal logins, passwords, account numbers and other personal information. Phishers send an email or instant message that claims to be from a business or organization that you deal with - for example, your Internet service provider (ISP), bank, credit card company, online payment service (such as PayPal), EBay, or even a government agency (such as the IRS).

What does a phishing attempt look like?

  • The e-mail message usually says that you need to "update" or "validate" your account information.
  • It might threaten some dire consequence if you do not respond. It might say you need to pay for an item on EBay or lose your account or that someone is suspected of hacking into your account and you need to verify your information.
  • The message may contain a "From" address that looks legitimate. Unfortunately, it is very easy to spoof the sender's address in an email.
  • The message has logos that look just like the legitimate company logos. Phishers copy logos from the web and place it in the email.
  • The message directs you to a Web site that looks just like a legitimate organization's site, but it is not. The purpose of the bogus site is to trick you into divulging your personal information so the phishers can steal your personal information. If you very carefully hover your mouse over the web address (don't click!) you can see the full URL which is usually very different from the real company's web address.

How should you respond to a phishing attempt?
If you get an email or instant message that asks for personal or financial information:

  • Do not click on the link in the message. Legitimate companies do not ask for this information via email.
  • If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address. In any case, do not
    cut and paste the link in the message.
  • Do not reply to "phishing" e-mails.

General E-Mail Safety Tips

  • Be suspicious of email attachments from unknown sources.
  • Don't use the links in an email to get to any web page, if you suspect the message might not be authentic. Instead, call the company on the telephone, or log onto the website directly by typing in the Web adress in your browser.
  • Verify that attachments have been sent by the author of the email. Newer viruses can send email messages that appear to be from people you know. This is known as "spoofing" a sender's address.
  • Do not set your email program to "auto-run" attachments. In Eudora leave "Warn me when I Launch a program from a message" checked in Tools/Options/Extra Warnings. Leave "Allow executables in HTML content" unchecked in Tools/Options/Viewing Mail.
  • Obtain all Microsoft security updates.
  • Update your anti-virus protection weekly.
 
St. Edward's University Logo St. Edward's University
3001 South Congress Avenue
Austin, Texas 78704
512-448-8400		 Contact: helpline@stedwards.edu
Updated: 09/14/2006
© 2003, St. Edward's University