Phishing: what you can do
March 13, 2008 -- As phishing e-mails pose a new challenge on campus, here's what you can do to spot such e-mails and protect your data:
- Look out for e-mails that claim to be sent from DoIT and have messages like "Verify your SFSU.EDU email account now." See an example
- Be suspicious of any e-mail which asks you for your e-mail account username and password. DoIT will never ask for sensitive data via e-mail.
- If you doubt the sender of an email, find another way to verify the source such as phoning the organization or department directly to check.
- Remember that the From/ Reply-to e-mail address can easily be forged.
- Be wary of messages which ask you to respond quickly without thinking, for example the threat of your e-mail account being turned off.
- If you suspect the e-mail is a phishing attempt, never send any reply. Replying only indicates that your e-mail is valid, and you could attract more spam.
- If you have already replied to a phishing e-mail or require further advice, see the DoIT Web site.
-- Elaine Bible
Share this story: