Spring Cleaning Your Office? Know What to Do with E-Waste
Keep Your Identity Safe When Filing Taxes This Year
Why use Penn+Box when Storing Data in the Cloud
Mobile Device Security - 3 Recommendations for Cloud Users (Hint: That's You!)
Be Aware of QR Code Risks
It’s Data Privacy Month: Update Your Facebook Privacy Settings and More
How Are You Celebrating Data Privacy Month?
Stay Secure while Working on Public Wi-Fi Networks
Protecting Your Finances During This Year's Holiday Shopping Season
Cloud and You
Security and Privacy Online Training & Tools
October: Free Secure Disposal of Paper and Electronics at Employee Resource Fair; NCSAM
Student Privacy - What Do I Need To Know? A FERPA Reminder
Top 10 Tips for Securing Your Smartphone or Tablet
Working Off Campus? Some Tips to Consider
Tagged with keyloggers , identity theft , phishing
Tuesday, January 13, 2009 - Almanac Vol. 55, No. 17
Avoid Phishing E-mails: Here How
Phishing e-mails are the perfect storm.
- They are sophisticated and easy to fall for. Recent examples include commonly received warnings, such as “Your Mailbox is Over its Size Limit”; messages that seem to come from your real friends, especially in the form of greetings cards; and messages about major news events.
- They are frequent. The AntiPhishing Workgroup reported that crimeware-spreading URLs infecting PCs with password-stealing code rose 93 percent in the first quarter of 2008.
- And they are very dangerous. Some are dangerous because they ask for your personal information. Some are dangerous because a click on a link installs a keystroke logger that gets your personal information without needing to ask you for it. Either way, your risk of identity theft is significant.
How do you know what is a legitimate or illegitimate phishing attack?
- Get educated. One of the best sites we’ve seen for solid, beginner and advanced, quick and creative education is a site created by Carnegie Mellon University. Visit http://cups.cs.cmu.edu/antiphishing_phil/ or search the web for “anti-phishing phil” and follow the link to CMU’s website. You will be smarter about what to avoid and why.
- Double check lists of known scams. There are several good and reliable sources for checking on whether a message is legitimate or not. Check out http://www.snopes.com.
- Ask a Penn Resource. You may always ask Penn’s Office of Information Security or your local support provider for advice when you are unsure of whether an e-mail is a scam.