The ITS Help Desk receives an average of 50 calls and 70 emails a day from faculty, staff, and students of the University seeking assistance with various problems. Many UH users have received “suspicious” emails asking them to reply with personal information.
An email scam known as “phishing” has become prevalent, and many UH users have been targeted by this scam. A phishing email message typically asks you to reply with sensitive information, such as your Social Security number, date of birth, passwords, or bank account information. This email often contains some type of threat of account closure or termination. The email’s purpose is to try and convince an unknowing person that this information is needed from them for some type of continued service. However, when this information is provided, it can then be used to commit various forms of abuse and identity theft. If you receive an email that claims to be from the University of Hawaii, a bank, a credit union, or any similar entity, and asks you to provide sensitive information either by replying to the email or by clicking on a link to a webpage, this is most likely a phishing email.
Identifying an email message as a phishing message is critical to prevent identity theft and fraudulent activity in your name. The email messages used in phishing attempts share several common characteristics that can tip you off that they are fraudulent:
- The email may contain a “Reply-To” field specifying an email address that does not match the email address in the “From” field
This is a common tactic used so that the email address in the “From” field can be “spoofed” (or faked) to look like it is coming from a legitimate email address.
- The email threatens to close or terminate an account if you do not respond.
The threat is used to deceive an unknowing person into immediately responding to the email. The more immediate the response, the less likely the person responding would have had the time to recognize that the email may not be legitimate.
- The email will ask for some personal and sensitive information to verify your identity
The core of this scam is to get some information from you that could then be used fraudulently, whether it is your Social Security number, bank account or credit card number, or password to an account
- The email may contains a hyperlink to a webpage which does not match the Uniform Resource Locator (URL) shown in the email
In order to make a link in the email look legitimate, the text of the link may show a URL that appears to go to an actual page for the company or organization that the email is purporting to be from. However, the link actually takes you to a page with a different web address, often to a page that is made to look remarkably similar to a genuine webpage on the company or organization. You should be able to see the difference between the text of the link and the actual webpage the link will take you to through your email client.
So, what should you do if you have received a phishing email message? First and foremost, you should never respond to phishing emails. Even if your response does not contain any personal and sensitive information, the response confirms that your email account is being actively monitored, and that will increase the likelihood that you will receive more phishing attempts. Should a phishing attempt claim to be from the University of Hawaii, you can check if it has already been reported by looking at the Security Alerts on the ITS website. If the phishing attempt has not been reported, you can alert ITS by forwarding the message with full mail headers to email@example.com (refer to http://www.hawaii.edu/askus/898). If the phishing attempt claims to be from another company or organization, you should contact the respective company or organization to confirm their reporting procedures.
Due to the increasing impact and awareness of phishing emails, software is being designed to safeguard you against phishing attempts. Many email clients, such as Outlook and Thunderbird, offer some “junk email” filtering mechanisms that help to protect you from phishing attempts. Additionally, web browsers, such as Internet Explorer 7 and Firefox 2.0, contain anti-phishing measures meant to alert an unsuspecting user when opening a known phishing page through a link in a phishing email. Lastly, the PureMessage spam filter is constantly being updated in an attempt to identify and filter spam messages, which include phishing attempts.
In the event that you have responded to a phishing email, you will need to contact the ITS Help Desk immediately. To prevent your UH account from being used maliciously, it may be temporarily disabled until ITS can personally contact you. If you already suspect your account has been improperly accessed or used, change your UH Username password immediately, and then scan your computer for viruses or spyware infections. Refer to http://www.hawaii.edu/askus/892 (If you suspect that your account has been compromised...) for full details on what you can do. Contact the ITS Help Desk if you need assistance with this process.