Another Phishing Scam To Be Aware Of

phishing scamPhishing scams are typically fraudulent email messages appearing to come from legitimate enterprises (e.g., your university, your Internet service provider, your bank). These messages usually direct you to a spoofed website or otherwise get you to divulge private information (e.g., passwords, credit card, or other account info). The perpetrators then use this private information to commit identity theft.

One type of phishing attempt is an email message stating that you are receiving it due to fraudulent activity on your account, and asking you to “click here” to verify your information.

Phishing scams are crude social engineering tools designed to induce panic in the reader. These scams attempt to trick recipients into responding or clicking immediately, by claiming they will lose something (e.g., email, bank account). Such a claim is always indicative of a phishing scam, as responsible companies and organizations will never take these types of actions via email.

Perfect example of a Phishing Email.

I want to call your attention to how you can see this is a Phishing Email.

If you look at the link they tell you to click to open the fax, on the screen it shows you a URL….However if you over your Mouse over that URL you will see the TRUE location it takes you when you click on it.

eFax Message

eFax Message when mouse rollover to reveal URL

Help, I think I’ve been phished! What do I do?

If you believe you’ve been scammed, file your complaint with the FTC, and then visit the FTC’s Identity Theft website at ftc.gov/idtheft. Victims of phishing can become victims of identity theft.

Follow the guide below for specific steps to take according to the type of information you shared:

I accidentally sent…my email/username & password/passphrase.

You should… Change your password/passphrase immediately! For your IU network ID, visit: At IU, how do I change my Network ID passphrase?

If you’re using a free provider (Gmail, Hotmail, etc) and you find an increasingly and uncontrollable amount of spam, you may wish to change your email address as well. Unfortunately, IU is unable to change your Network ID/email address for spam-reduction purposes.

I accidentally sent…personal information such as: address, bank/financial account number, credit card number or information, answers to security questions, other personal information that can be changed, driver’s license/license plate.

You should… While there’s no way to “unsend” the email, many of these pieces of information are changeable (especially credit card numbers). Contact the appropriate organization or financial institution. You should also report this as identity theft and take action to protect your accounts.

Please note: the theft of a credit card (or credit card number) alone does not constitute identity theft (as determined by the FTC). You should, however, promptly call the financial institution and have the number changed. You can also work out any erroneous charges on your account.

Also, technically, yes — your address is changeable, if you move. However, consider that only as a last resort; most identity thieves attempt to collect thousands (even millions) of individuals’ information during phishing scams; they’re likely not singling you out as a target. If you feel your personal safety threatened, contact your local police department.

I accidentally sent…personal information that isn’t changeable — such as: Social Security number, mother’s maiden name, date &/or city of birth, health/medical information.

You should… Unfortunately, there’s not much you can do about this except defend yourself (electronically). Visit these pages about reporting identity theft and taking action to protect yourself. Being proactive and staying alert/aware of your credit is your best defense.

If you need assistance, please feel free to contact us and we would be more than happy to help!