Please be wary of email phishing schemes

Submitted by ITS Call Center on Mon, 02/16/2009 - 8:17am

As we look forward to Spring, Internet con-artists are hard at work crafting schemes, called phishing attacks, to steal your identity. A recent trend is an increase in these phishing attacks on weekends when Information Technology Services staff and email system administrators are home for the weekend. If you read no further, please remember to NEVER provide your username and password to ANYONE in a reply to an email message: doing so ALWAYS ends badly, for you and for F&M. Your account is compromised and email from F&M is blocked because you caused a SPAM stream to start.

Several members of the Franklin & Marshall community have recently reported to Information Technology Services that they received notices indicating problems with their accounts and requesting verification of usernames and passwords.  These messages are sometimes accompanied by either an embedded form or a web link.  

These messages appear to come from webmail @ fandm, accounts @ fandm, a bank, or other official-sounding addresses.
A phishing attack is an attempt to acquire your sensitive information by masquerading as a trustworthy entity. An example is an email asking you to confirm your social security number, birthday, or your bank account number. Or perhaps the email masquerades as a message from ITS Webmail  and asks you to confirm your username and password.  When you enter your username and password, they are sent to the attacker.  Having a Franklin & Marshall email account compromised by a phishing attack will often result in all F&M email being blacklisted from sending mail to other Internet Service Providers.

Following are some tips on avoiding phishing scams.

No legitimate organization will ever ask for your password, social security number, bank account number, or any other confidential or personal information through email.
If you are unsure whether a message was sent legitimately, call the company or organization using contact information from their website, not the phishing email.
Use common sense. Attackers prey on your greed and fear. If an email suggests that something bad will happen, or that you must act now, stop and think. Take the time to verify the information before acting hastily. And remember: if it's too good to be true, it probably is.
Please report any suspected phishing attacks and other suspicious activity to the ITS Help Desk.

For more information, please contact the ITS Helpdesk via email at helpdesk@fandm.edu or by phone at 717-358-4483.

Best Regards,
Jon

 

HomeBlogshelpdesk's blog

©2009 Franklin & Marshall College  |  Lancaster, PA  |  717-291-3911