Difference between revisions of "Phishing"
(→Responding to a compromised account) |
|||
| Line 22: | Line 22: | ||
==Responding to a compromised account== | ==Responding to a compromised account== | ||
| − | If you discover that your account is compromised for any reason including responding to a phishing email, it is important to inform your system administrator or | + | If you discover that your account is compromised for any reason including responding to a phishing email, it is important to inform your system administrator or the [[Contact us|Help Desk]] as soon as possible. Every second that your account is compromised is another second that your online presence is out of your control. Examples of what hackers will do with your personal information include everything from sending an email to everyone in your address book, an attempt obtain additional identities, to opening lines of credit, and selling your personal information to other hackers. |
Generally, the system administrator will not punish you for reporting that your account is compromised. However, you can be held legally accountable for any actions taken by the hacker. | Generally, the system administrator will not punish you for reporting that your account is compromised. However, you can be held legally accountable for any actions taken by the hacker. | ||
Revision as of 19:21, 15 January 2020
|
Attention! The University of Akron will never e-mail you and ask you to disclose or verify your UA password. If you receive a suspicious e-mail with a link to update your account information, do not click on the link! Instead, report the e-mail to The University of Akron for investigation. Contact information for the Help Desk can be found here. |
|
Notice Passwords expire every 180 days. You can reset the password yourself by following the Password guide or by contacting the Help Desk. |
Contents
What is Phishing
From Wikipedia, the free encyclopedia:
In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as user names, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from PayPal, eBay, Youtube or online banks are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a website. Phishing is an example of social engineering techniques used to fool users.
How to report a Phishing Email
If you are using the Outlook client, you can submit emails like this using the report message tool. If you are using Outlook WebApp: Click the email then click on Junk and it will give you an option to report the email as Phishing/Junk or just block it.
Outlook Desktop Client
Outlook.com
If you are using Linux or third party email application you can send the email as an attachment to the following email addresses: phish@office365.microsoft.com
|
|
Notice You need to attach the email that you are reporting to a new email. Please leave the body of the email blank. |
Responding to a compromised account
If you discover that your account is compromised for any reason including responding to a phishing email, it is important to inform your system administrator or the Help Desk as soon as possible. Every second that your account is compromised is another second that your online presence is out of your control. Examples of what hackers will do with your personal information include everything from sending an email to everyone in your address book, an attempt obtain additional identities, to opening lines of credit, and selling your personal information to other hackers. Generally, the system administrator will not punish you for reporting that your account is compromised. However, you can be held legally accountable for any actions taken by the hacker.
If your account has been deactivated due to Phishing
You must understand the following:
- How to recognize phishing attacks
- The phishing email will usually ask for a username and a password
- The grammar and spelling of the message is often poor
- The return address is from some "web-administrator" or "email-administrator" address
- Settings of the email account must be carefully reviewed, including signature, name, and reply-to address.
- The password must be changed and previous password cannot be reused!
If you need assistance with any of these points please contact or visit the Help Desk.
Once you have understood these points, contact the Help Desk to have your account reactivated.
Failure to follow any of these items may lead to their account being locked again.
Phishing targeting UA
Fraudulent Example
Verify Your Uakron Account Now
Dear Uakron Account Owner,
This message is from Uakron messaging center to all Uakron email account
owners. We are currently upgrading our data base and e-mail account
center. We are deleting all Uakron email account to create more space for
new accounts.
To prevent your account from closing you will have to update it below so
that we will know that it's a present used account.
***********************************************************
CONFIRM YOUR EMAIL IDENTITY BELOW
Email Username : ......... .....
EMAIL Password : ...............
Date of Birth : ................
Country or Territory : .........
***********************************************************
Warning!!! Account owner that refuses to update his or her account within
Seven days of receiving this warning will lose his or her account
permanently.
Thank you for using Uakron!
Warning Code:VX2G99AAJ
Thanks,
Uakron Team
Uakron.edu BETA
Additional Information
Additional information regarding a compromised Google Apps account can be found at : http://www.google.com/support/a/bin/answer.py?answer=134413.
