I've received a suspicious E-mail (phishing) - What should I do?
From: "Technical Support"
Reply To: email@example.com
You are required to click on the link to verify your email account because we are upgrading our webmail.
Webmail Technical Support Copyright 2012. All Rights Reserved
Disclaimer: This email and its attachments may be confidential and are intended solely for the addressee. If you are not the intended recipient, please notify the sender and delete it from your system. Internet communications cannot be guaranteed to be timely, secure, error or virus-free, and the sender will not accept liability for any errors or omissions.
How can you quickly identify messages as a phishing attempts?
- "Verify your account"
The message asks you to reply and provide sensitive information like passwords or credit card numbers. The University would never ask you for this kind of information via email, and you should never send it via email for any reason.
- "If you don't respond within 48 hours, your account will be closed."
Phishing messages try to convey a sense of urgency so that you'll respond without thinking. It's always safer to check with the supposed sender of such a message via phone or in person before doing anything.
- "Click the link below..."
Phishing messages commonly include a link that appears to go to one place (eg. the University), but actually goes somewhere else (eg. the attacker's site, which is setup to look like the University site). If you hover your mouse over a link, the real destination generally appears in the status bar at the bottom, or in a small pop-up beside the link. If it doesn't match the link text or goes somewhere other than a mcneese.edu site, there's a good chance you've caught a phish.
- The message does not pertain to you.
Some recent phishing messages appear to come from the US Internal Revenue Service advising you of a tax refund. If you don't file taxes in the US, you can safely assume that such a message is a phish.
- Spelling and grammar errors.
It is common for phishing messages to include many spelling and grammar errors. Some of these errors, especially in the subject line, may be placed intentionally to try to confuse automated phishing filters. However, the absence of spelling/grammar errors doesn't necessarily mean the message is legit.
I've received unwanted E-mail - to whom should I report it?
- If you receive a generic spam or phishing message, just delete it.
- If you receive a targeted phishing message (eg. "Dear McNeese.edu User"), please alert us to the situation through firstname.lastname@example.org.
I'm receiving harassing E-mail - how can I stop it?
Where can I download files legally?
How can I tell if I've been hacked?
If you receive multiple messages from the contacts in your address book, saying that they received spam email from your address, then your email account may have been hacked.
Note: Spam can be sent to random people and look as if it's coming from you, but it's actually coming from somewhere else ("spoofing"). However, if you are getting multiple reports from people that are listed in your contacts, someone/something may have gained unauthorized access to your account.
A successful attack on your computer may be difficult to discover.
A couple indicators may be:
An abnormal increase in internet or network activity. This often manifests as slow downloads or slow internet access when you know that you're not doing anything particularly demanding.
Your computer may be being accessed remotely. This requires awareness of normal activity. A slow internet connection maybe harmlessly related to your ISP, your internet connection, or the sites that you're visiting.
Unexpected disk activity. A hacker/malware may be accessing files or programs on your computer. Again, this requires awareness of normal activity.
Note: When you are not actively using the computer or network, programs like the indexing service and backup utilities may be running in the background and accessing disks and the network.
The best advice is to follow common best-practices: regularly install updates, use a firewall, use current anti-malware software and be careful what you click on or download.
Facebook and social media
Your Facebook or social media account may compromised if posts appear on your Facebook wall or elsewhere that look like they are from you, but you did not submit them.
Note: Liking a page on Facebook, playing social media games, and sharing via social media can legitimately result in unintentional consequences. It is important to look for posts that could only have been submitted by you and yet you know that you didn't submit them.
If you believe any of your accounts have been compromised, change your password and recovery settings immediately.
How can I secure my workstation and mobile device?
- Keep up with system patches, and keep the operating system itself up to date! (Plan on rebuilding most systems once per year)
- Stop all running services which you don't intend to use on the system.
- When installing a system, limit network exposure until after you've patched and secured it.
- Monitor the system logs daily/frequently, and log everything you can.
- Use good passwords, the longer & more non-alphabetic the better. Change them often.
- Use secure transport methods and encryption.