Phishing

From The University of Akron Support Center Wiki

Jump to: navigation, search
Image:Exclaim.png Attention!
The University of Akron will never e-mail you and ask you to disclose or verify your UA password.
If you receive a suspicious e-mail with a link to update your account information, do not click on the link! Instead, report the e-mail to The University of Akron for investigation. Contact information for ZipSupport can be found here.

image:Notice.png Notice
Passwords expire every 180 days. You can reset the password yourself at https://auth.uakron.edu or by contacting ZipSupport.

Contents

What is Phishing

From Wikipedia, the free encyclopedia

In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as user names, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from PayPal, eBay, Youtube or online banks are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a website. Phishing is an example of social engineering techniques used to fool users.

Responding to a compromised account

If you discover that your account is compromised for any reason including responding to a phishing email, it is important to inform your system administrator or computing support desk as soon as possible. Every second that your account is compromised is another second that your online presence is out of your control. Examples of what hackers will do with your personal information include everything from sending an email to everyone in your address book, an attempt obtain additional identities, to opening lines of credit, and selling your personal information to other hackers. Generally, the system administrator will not punish you for reporting that your account is compromised. However, you can be held legally accountable for any actions taken by the hacker.

If your account has been deactivated due to Phishing

You must understand the following:

  1. How to recognize phishing attacks
    • The phishing email will usually ask for a username and a password
    • The grammar and spelling of the message is often poor
    • The return address is from some "web-administrator" or "email-administrator" address
  2. Settings of the email account must be carefully reviewed, including signature, name, and reply-to address.
  3. The password must be changed and previous password cannot be reused!

If you need assistance with any of these points please contact or visit the ZipSupport Center.

Once you have understood these points, contact the ZipSupport Center to have your account reactivated.


Failure to follow any of these items may lead to their account being locked again.

Phishing targeting UA

Fraudulent Example

Verify Your Uakron Account Now

Dear Uakron Account Owner,

This message is from Uakron messaging center to all Uakron email account

owners. We are currently upgrading our data base and e-mail account

center. We are deleting all Uakron email account to create more space for

new accounts.

To prevent your account from closing you will have to update it below so

that we will know that it's a present used account.

***********************************************************

CONFIRM YOUR EMAIL IDENTITY BELOW

Email Username : ......... .....

EMAIL Password : ...............

Date of Birth : ................

Country or Territory : .........

***********************************************************


Warning!!! Account owner that refuses to update his or her account within

Seven days of receiving this warning will lose his or her account

permanently.


Thank you for using Uakron!

Warning Code:VX2G99AAJ


Thanks,

Uakron Team

Uakron.edu BETA

Additional Information

Additional information regarding a compromised Google Apps account can be found at : http://www.google.com/support/a/bin/answer.py?answer=134413.

Personal tools
Categories