• Home
• Students
• Faculty
• Staff
• Visitors

• AccessID
• E-mail
• Services
• Info / Advice
• Hardware
• Network / Internet
• Computer Security
• Software
• System Status
• Telephones
• About C&IT
• Contact Us

 

E-mail phishing puts your personal information at risk

One way to catch a fish is to trick it with bait that looks like food. Phishing on the Web works the same way.

Thieves send authentic-looking e-mail with real organizations' logos, such as PayPal, eBay, or MSN. If you take the bait by clicking or replying to the message, you could lose your money or even be a victim of identity theft!

While early phishing messages were sent indiscriminately in the hope of finding a customer of a given bank or service, recent research shows that scammers may be able to establish what bank a potential victim has a relationship with, and then send an appropriate spoofed e-mail to the victim. Such targeted versions of phishing, when messages contain infromation specific about an orgnaization such as Wayne State University, are called spear phishing.

What to do if you receive a phishing e-mail:

• Never reply to an e-mail message requesting a password, user name, account number, or personal/financial information — no matter how legitimate the message may seem or who appears to have sent it. Be assured that WSU will never ask you to e-mail your computer account password or other personal information.
• Delete the message. Viewing it typically does not harm your computer; the damage comes from replying and providing a stranger with your personal information.
• Report suspicious e-mails at WSU, or ask questions about the legitimacy of any e-mail by copying the suspected e-mail into this form: calltracker.wayne.edu/phishreport/
• If you did reply to the phishing message, call the C&IT Help Desk at (313) 577-4778, Monday through Friday, from 8 a.m.-8 p.m. or send an e-mail to helpdesk@wayne.edu.

Don't forget to trust your instincts. If an e-mail message looks suspicious, that probably means it is.

What to look out for

• Is an e-mail legitimate? Information and examples on what to look for (from WSU C&IT) – Examples of phishing scams sent to WSU e-mail accounts
• Field Guide to Phishing (from MailFrontier, Inc.) – Clear, concise explanations, and visual presentations of sneaky, dangerous phish that may find their way to your computer, along with some suggestions on how you can protect yourself.
• Recognize phishing scams and fraudulent e-mails (from Microsoft Corp.) – A picture of what a phishing scam looks like and how to tell if an e-mail message is fraudulent.
• Spear phishing: Highly targeted scams (from Microsoft Corp.) – A description of a spear phishing scam and tips to help you avoid them.
• Protect yourself from fraudulent e-mails (from PayPal) – Guidelines and examples of fraudulent (spoof) e-mail.

Ways to protect yourself

• How to avoid being a victim (from staysafeonline.org) –
• Consumer Advice: How to avoid phishing scams (from Anti-Phishing Working Group) – Recommendations to use to avoid becoming a victim of a phishing scam.
• How to handle a suspicious e-mail (from Microsoft) – Guidelines to help protect yourself from phishing scams sent through e-mail.

Test your phishing skills

• Phishing IQ test (developed by MailFrontier for MSN) – Phishing IQ Test helps people learn to identify online phishing fraud.

How to report suspicious e-mail messages

• Use the WSU Phishing Report form to report phishing, or other suspicious e-mails, that request personal or protected information. Taking steps to limit these messages, sooner than later, will aid in reducing the harmful effects these messages have on our campus network.

What to do if you've been scammed

• C&IT Websites where you can get help analyzing a potential problem and removing any malware that may have been put on your computer
• Self-service – Virus and malware removal
• WSU departments – contact your local support person.
• For home computers – contact the C&IT PC Clinic.

Phishing archive

• Archive of phishing and identity theft e-mail scams (from millersmiles.co.uk) – Website where you can look for specific information on e-mail scams and phishing.

More Help

• Practice safe computing: use e-mail responsibly – C&IT Web page that points out e-mail pitfalls and shows you how to minimize or avoid them by using e-mail responsibly.
• C&IT safe computing principles – A group of C&IT Web pages that identify ways you can stay safe online and explain the most common challenges associated with computer security.
• Computer security awareness video contest winners - These winning videos were submitted by college students for Video Contests sponsored by the EDUCAUSE/Internet2 Computer and Network Security Task Force and the National Cyber Security Alliance.
• Con Artists Attack Colleges With Fake Help-Desk E-Mail – A phishing article from the April 18, 2008 issue of The Chronicle of Higher Education.

• WSU Home
• Faculty and Staff
• Academics and Libraries
• Research
• Apply to Wayne State
• WSU Directories

• Future Students
• Current Students
• Schools and Colleges
• Campus and Community
• Athletics
• About Wayne State

Computing & Information Technology (C&IT)
Last modified on October 8, 2008
WSU Acceptable Use Policy
Contact the Webmaster