What are phishing scams?
Phishing scams can come in several forms, but the main phishing method is via fake emails that are designed to look legitimate. Phishing scams aim to trick you into disclosing your private information such as your Social Security number, credit card numbers, or accounts and passwords. Scammers will use language which is designed to get you to act right away, such as:
- Your mailbox has exceeded its storage limit. Click link to upgrade your email account.
- You must validate your account by clicking the link, or it will be suspended/terminated/closed.
- Your account has been upgraded and you must click the link to log in and verify it.
- Some documents have been assigned to you for review. Click the link to access the documents.
- Your salary review documents (or raise confirmation) are ready. Click the link to access them.
Phishing emails not only may look authentic, but may include a familiar sender’s name and/or email address in the “From” field.
Fake online web forms
Scammers frequently redirect the links in their phishing emails to fake (“cloned”) online forms, which may look real, but are hosted by external online web services. Unsuspecting victims are fooled into disclosing their passwords and other account information via these forms, which the scammers can then use for profit or to gain further access to your other accounts.
How Pace University addresses suspicious emails
Pace University has strong protocols in place to catch and filter out most incoming spam. In addition, starting this past July, we also added a warning to the beginning of all email messages containing embedded web addresses from identified web form hosting sites. The warning note reads as follows:
For a listing of the identified web form hosting sites, visit Web Form Services and Phishing. We
strongly recommend that users take extra precaution before replying, clicking, or sending information to these identified web forms.
Protect yourself from phishing scams
1. DO NOT respond to these emails, and DO NOT click on links or attachments or provide any personal information. Delete the email message from your Inbox and then permanently remove it from your Deleted Items folder.
2. DO NOT share your account information and/or passwords with anyone. Pace University will never ask for your personal information or validation of your account information through email. LEARN MORE ABOUT SPAM…
3. DO NOT visit untrusted websites. This will reduce your computer’s chances of getting infected with malware.
4. DO NOT provide your username and password to anyone. It can lead to fraudulent account access and identity theft.
Please visit the Phishing section on Pace’s Potential Risks with Email and Internet page to learn more. For more details and best practices to protect yourself online visit Pace’s IT Security website.