Email Fraud and other Computing Risks
Recently there has been a sharp increase in solicitations that are falsely made
to appear from legitimate sources. These emails do not originate from the address
you see, the address is typically forged. We think that ISR personnel should be
aware of the scams that are being sent through the email. These emails, commonly
referred to as "spoof" [or 'phishing'] messages are sent in an attempt to collect
sensitive personal information from recipients who reply to the message or click
on a link requesting this information.
We advise you to be very cautious of email messages that ask you to submit information
such as your credit card number, email password, personal identification numbers (PIN),
social security number or bank account numbers. Reputable organizations never ask for
this information through email. If you are tempted to reply to a message of this type
we advise you call them first to validate the request before supplying any information.
Additionally email or links within email may contain other applications that provide others
with a route into your PC. Use the general rules below to help safeguard your self against
information and identify theft.
SOME EXAMPLES
- A message APPARENTLY from Microsoft asking you to install an attached update. Microsoft never sends updates through the email; this bogus file infects your PC
- A message APPARENTLY from the FBI stating they need your bank account number to check if its been stolen ---- the FBI never asks for this information through the email
- You receive a greeting card and open it, an application is installed on your PC that allows someone to monitor every thing you do on your computer
- A message that looks very official from CitiBank asking for account verification information
GENERAL EMAIL RULES
- Never open a file unless you were expecting it to be sent to you or *know* that it is from a legitimate source.
- Never supply personal information without verifying the request first
- Never reply to Spam to request being taken off their mailing list, this verifies they have a live address
- Never give out your password to anyone, ever! Change it often using alpha, punctuation and numeric charters
- Never install add-in applications associated with your email like Hot Bar
See these sites for more information:
- http://www.consumer.gov/idtheft/
- http://www.spychecker.com/spyware.html
Please contact your computing department if you have questions or comments.
Computing Administration Management Team