Tag Archives: Phishing

Tip #14 First It Was Phishing, Now It’s Smishing

Example of a phishing text and how the consumer handled it using Twitter.

Example of a phishing text and how the consumer handled it using Twitter.

On another (very important) note, another phishing technique lures consumers by using text messages containing URLs and phone numbers. Such a message  usually asks for one’s immediate attention, and requires one to respond or click on the URL.

Oftentimes, the message will come from a “5000” number instead of an actual phone number. This indicates the text message was sent via email to one’s cell phone, rather than from another cell phone.

So don’t turn into another stolen cell phone statistic. Or a consumer who’s been tricked. Regardless of what you’re doing, make sure your cell phone is secure and keep an eye out for odd, seemingly “phishy” text messages.

If you think you’ve received a phishing message, contact IT Customer Care immediately: 718-817-3999 or HelpIT@fordham.edu.

Read more about cell phone safety in Tip #11.

 

Tip #13 Is that a Fish on Sale or a Phish?

Image: Phishing. adampop, Flickr.

Image: Phishing. adampop, Flickr.

Would an Ebay representative threaten to close your account lest you submit $150? Would Amazon normally offer you $100 free store credit? Would your favorite clothing store usually give you 80% off on fall clothes purchases? Chances are, if an offer seems too good to be true, it probably is!

If you’re surfing the web and you encounter something feels “phishy” or suspicious, take note! If an offer seems too good to be true, forget it! Some of the most common phishing scams target Internet users that blindly click and submit personal information, so make sure to be mindful of the way design and information are presented — before you click.

Phishing sites often try to replicate the “look and feel” of an existing site. They attempt to lure people into using phony websites that look just like the authentic sites of larger companies, organizations, or agencies that they are impersonating. Because we conduct meaningful transactions online every day, ranging from making simple purchases, to paying bills, to even paying taxes, it’s important that we’re alert to subtle changes on websites that we normally use. These deviations might be link names, header titles, text, or layout of a site.

So, take note and be careful when perusing the web. Unfortunately, a growing strategy for attackers is playing on the innocence and ignorance of Internet users.

Tip #11 Cell Phone Theft

Cell Phone Theft

Image: “Numbers of stolen cell phones growing fast around the country,” The Droid Guy

 

 

Thousands of cell phones are stolen and infiltrated every month. Even some Fordham students have been victims of this crime. Once a cell phone is hacked, the thief has access to a huge amount of personal information. So take heed! Follow these practical measures to avoid becoming a target.

  • Use your phone’s security lock code to create a unique pass code.
  • Disable bluetooth on your phone if not in use.
  • Make sure to only unlock the phone when you need to use it.
  • Do not lend your mobile phone to strangers on the pretext of an emergency situation. They may slip away with it before you know it.
  • Immediately report a lost or stolen phone to your service provider and to the police, and insist on an acknowledgment.
  • If you are a member of the Fordham community, report your theft to IT Customer Care at 718-817-3999 or HelpIT@fordham.edu
  • When not in use, keep your phone out of sight—in your pocket, backpack, or handbag.
  • Do not, by any means, leave your cell phone unattended.
  • Avoid disclosing the relationship between you and the people in your contact list. Avoid using names like “Home,” “Honey,”Hubby,” “Mom,” or “Dad.” Criminals might attempt to contact these individuals to extract more of your personal information.

Make sure your phone is secure. And if you get some weird-sounding texts from a friend or family member, get in touch with them in some other way before you respond.

For more information about cell phone theft, read “How to Deter Smartphone Thefts and Protect Your Data” from CTIA, the Wireless Association.

 

Tip #10 Geotagging and Location Sharing–Just Don’t!

1937 Map of the Bronx

1937 Map of the Bronx

When you got back from vacation, your friends looked at you with amazement and admiration: You went to the Louvre in Paris, the Forum in Rome, AND you ran the Great Wall Marathon in China. They know this because every time you stopped for a croissant, a dish of pasta, an egg roll, or to tie your sneakers, you geotagged your location on all your social networks.

Location tagging or geotagging yourself on social networks is never safe. While it might look cool that you’re visiting iconic places or doing incredible feats (or just mundane things), at the same time, you risk cluing in a stalker about exactly where to find you, or telling a thief that you’re not home.

Whenever you geotag, you’re not only talking to a small group of friends. You may potentially be talking to anyone on the Internet. In general, location tagging is not a safe feature to activate, so do your best to avoid it.

Read more about geotagging on The Daily Beast.

Tip #7 Check before you click!

Screen Shot 2015-10-07 at 10.37.16 AM

Example of a valid link.

By Meiren Park, IT Communications Intern

You get a lot of links thrown at you everyday, from various sources: email, texts, Twitter, websites and so on. Viruses and malware can enter your computer just by clicking on it. Play it safe by checking the link before you click on it.

You can check a link by hovering over it with your cursor. Look at the bottom left of your screen to see whether the link is legit or not. A legitimate link won’t have a long string of letters and numbers–it’ll just be the same URL as the link you’re about to click on. For example, if the link says “www.google.com,” that same link should appear on the bottom left of your screen. In the example above from the New York Times, the cursor was placed over an image and the image’s link appeared on the lower left.

If you’re not sure whether a link is good or not, call IT Customer Care to report it.

Don’t fall victim to a malicious attack. Be careful before you check out the newest link you find on your feed! Read more about this on our web page, Spam and Phishing.

Image: “New York Film Festival Offers Quiet Treasures and a Little Jazz,” New York Times, October 7, 2015.

Tip #2 | Sharing Online with Friends, Cautiously

Ernie and Bert. 1969. IMDB Photo Gallery

Ernie and Bert. 1969.
IMDB Photo Gallery

by Merien Park, IT Communications Intern

Sharing with friends is part of what makes friendships work and why they are wonderful. But be careful when sharing online with friends, as well as relatives, acquaintances, and of course strangers!

When a friend or someone else you know sends you a file to download or a link to click on, be absolutely sure that person sent it. If the download or link doesn’t seem like something this person would send (would your friend send you a link for free tickets to a Yankees – Red Sox game if you’re known as a rabid Mets fan?). Check with the source before you click or download something. If you do follow through with the link or download and it seems suspicious, get of there fast. Contact IT Customer Care (718-817-3999 or HelpIT@fordham.edu) for help in identifying whether the link or download was malicious.

Needless to say, don’t open any files or click on something from people you don’t know or people you don’t know well. Also, an email can claim to come from someone you know, but that person’s email account might have been hacked. If the invitation to click or download looks suspicious, check with your source!

Fordham IT’s UISO also has a lot of information about online safe on their web pages.

Stay safe!

Admin – Phishing Email Sent to the Fordham Community on 07/17/2015

This is a Phishing email that has been reported. This message was
received on or about July 17th, 2015. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————

From: Peck, Claudia <cpeck1@kent.edu>
Date: Friday, Jul 17, 2015 at 10:24:13 AM
Subject: Admin
To: User@fordham.edu

Your fordham.edu account has been temporally suspended, and this means that you  will not be able to send and receive new email messages. This is because of the  on-going yearly web maintenance and deleting of inactive  fordham.edu accounts. You are then requested to verify your  fordham.edu  account below for upgrading.

Click Or Open this link to VERIFY your Account: (Link Here)

——————–End Message ——————————

 

Email Account User- Phishing Email Sent to the Fordham Community on 06/17/2015

This is a Phishing email that has been reported. This message was
received on or about June 17th, 2015. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————
From: Web Notice <aapay@sakarya.edu.tr> OR Web Notice <jhansel1@binghamton.edu>  Date: Wed, Jun 17, 2015 at 7:26 PM
Subject: Email Account User
To: User@fordham.edu

Email Account User

Your Webmail account Certificate expired on the 1th-06-2015, This may interrupt your email delivery configuration, and account POP settings, page error when sending message.

To re-new your webmail Certificate, Please take a second to update your records by link below or copy and paste link

(Link here)

account will work as normal after the verification process, and your webmail Certificate will be re-newed.

Sincerely,
University Webmail Admin

-----------------------------End Message ---------------

Notification – Phishing Email Sent to the Fordham Community on 06/13/2015

This is a Phishing email that has been reported. This message was
received on or about June 13th, 2015. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————

From: IT Help Desk <lynn9@mail.usf.edu>
Date: Saturday, Jun 13, 2015 at 3:01 PM
Subject: Notification
To: User@fordham.edu

Fordham User,

This is to information from fordham database due to unusual spam activities
going via internet (junk/spam message),  We are currently upgrading and to
de-activate some fordham Email Account from our database.

To avoid losing/de-activation of your fordham Account, you are advice to
contact:Click here 

We apologize for any inconvenience this may have caused.

Sincerely,
IT Help Desk.
 

—————————–End Message —————

Help Desk – Phishing Email Sent to the Fordham Community on 06/11/2015

This is a Phishing email that has been reported. This message was
received on or about June 11th, 2015. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————

From: IT Support <niabryant@mail.usf.edu>
Date: Thu, Jun 11, 2015 at 1:49 PM
Subject: Help Desk
To: User@fordham.edu

Dear fordham User,

During our regular verification of our software we found out your antivirus
is out of update,

The Symantec Software Center requires you to update your antivirus,
Kindly contact HelpIT@fordham.edu (Malicious link embedded in email address)
 
Sincerely,
Fordham University 

—————————–End Message —————