Protecting Yourself From Fraudulent and Malicious Emails
Protecting Yourself From Fraudulent and Malicious Emails
What are fraudulent or malicious emails?
Past Due Invoice…..
UPS Tracking Information…..
Unpaid Parking Ticket….
Overdue Payment….
Have you received emails with similar subject lines? They are commonly referred to as fraudulent or malicious emails. Fraudulent and malicious emails falsely claim to be a legitimate authority and request an action, normally visiting a website, or opening a document. Usually, when completing these actions your computer becomes infected with a virus.
To protect yourself from fraudulent and malicious emails:
- Do not click links to invoices or orders. Look carefully at all links in emails. If you aren't sure a link is legitimate and safe, don't click.
- Hover over links in emails with your mouse to see the actual destination. Most email programs show the URL in the bottom left corner of the window when you hover over a link. Check whether the URL matches the link in the message text. If the message claims to be about the university, look to see if the URL looks like other university URLs you are familiar with.
- Be aware of impersonation attack emails. Impersonation attacks are emails that attempt to impersonate a trusted individual or company in an attempt to gain access to finances, data and install malware. Scrutinize sender addresses and links to spot these fraudulent emails.
- If the URL doesn't look right, don't click it!
- Double-check. If you are suspicious of a link or attachment, don't click. Check with the sender by phone or in-person to see if they actually sent the message.
- Be careful opening or downloading any Office document or Adobe PDF file.
- Do not open or download a document from an unfamiliar sender. Always look at the "from" field and the reply to (if there is one).
- Do not open or download a document shared or stored on a system or service you are unfamiliar with, and be cautious even if the storage is familiar.
- Preview the doc in Google Drive. It is reasonably safe to view an Office doc or PDF file in Google Drive and use the preview feature of Google Drive to view it. This might help determine if the doc is legit or a scam.
Additional information
- More on tech support scams: https://www.consumer.ftc.gov/articles/0346-tech-support-scams.
- Scholarship scams: http://www.fraud.org/back_to_school_scams (end of the article).
- Tuition payment processor scams (from 2016 but still current): https://www.forbes.com/sites/johnwasik/2016/09/11/scam-alert-avoid-college-payment-processors/.
To report fraudulent and malicious emails asking you to click on links, open documents, or provide your username and password, please use the PhishAlarm button found in your email application.
If you are receiving abusive or threatening messages directed at you personally, which are not spam, contact the IST Service Desk at 973-596-2900 to report.