Phishing scams are becoming more sophisticated; ergo, we need to become more sophisticated in our awareness of how to recognize and avoid becoming victims.
Remember: CLU will never ask you to fill out a form in an email that requests account access information. CLU will ask you to reset your password every 180 days; the CLU password reset page is http://www.callutheran.edu/password
Here’s a few tips to keep your account secure:
1. Sender Address: Ensure that the sender address is coming from a Cal Lutheran email account. In the phishing instance last week, the sender was identified as System Administrator [email@example.com] which is certainly not a callutheran.edu address.
2. Deceptive links: Note if a discrepancy between the shown link and the real destination URL exists. To see if the link text agrees with the link destination, hover your mouse over the link in the message. If you ever see a link that claims to be to one place but is really to another, beware.
3. Obvious grammatical or spelling errors: Email messages that claim to be from a business and yet contain errors in grammar, use of words, spelling or punctuation are suspicious. Most businesses have several layers of review before a message is approved for release to the public.
4. IP addresses in the URL: If you ever see an IP address in the shown or the real URL, be suspicious. For example:
http://188.8.131.52/?36a4bc955099675c50080d0229e368412571 Remember that the target of a URL is between the // and the first /
This example shows that the URL will actually take you to a computer, not a website.
Source and more information: http://www.educause.edu/Resources/Browse/Phishing/30515
This Issue’s Techno Term:
Definition: refers to software programs designed to damage or do other unwanted actions on a computer system
Example in a sentence: Accessing the link provided in last week’s phishing scam e-message may have caused malware to automatically download to your local computer drive.