Share

Go Phish!

Posted: June 30, 2015

In the simple children’s card game one opponent asks, “Got any threes,” and the reply when having no threes is, “Go Fish!” In the complex adult cybercrime world the opponent asks, “Got any Security Information?” and the reply is “Go Phish!”

In the world of cybercrime, phishing is the electronic attempt to acquire sensitive information by means of trickery.  All of us have seen the e-mails disguised as important messages from critical services – from the bank warning that your account will be closed, from IT Support warning that mail will be shut off, from the credit card that your card will be frozen.  And almost all have a helpful link – click here to resolve the situation!  That one click can lead to problems as slight as having to reinstall the software on your computer to things as dire as fighting a complete identity theft with stolen credit card numbers and Social Security numbers or to an incident as catastrophic as the compromise in the College of Engineering.

Penn State and the College of Ag do, in fact, send warnings that many of you receive.  These could be legitimate warnings about impending password expirations, or warnings that you are approaching a mailbox size limit.  Even though some legitimate email messages will have a live link to click on, it is safer to view the link and then manually type it into your browser.  Embedded links are easily manipulated and redirected to poisoned websites.  Manually entering the address into your browser to give you better confidence that you are reaching the legitimate server.

NO reputable, legitimate organization – no bank, no credit card company, insurer, employer, or IT department will EVER ask you to email your password.  None.

If you are interested in learning more about phishing, please view the article and resources at this website maintained by our colleagues at Penn State:  http://its.psu.edu/security/phishing-tips.html

AgIT is always happy to help you evaluate email messages for legitimacy.  Please believe us when we say that it is so much easier for us and for you to avoid a scam than it is to recover from a compromised computer or account.  Please feel free to contact your IT Consultant, or contact Ag IT Support by phone to 814-865-1229, by e-mail to AgCompSupport@psu.edu or using the help request form located at http://agsci.psu.edu/it/help-request.