Stop Scammers: IT Shares Best Practices to Combat Email Fraud
Crooks, hackers, and all the other bad guys on the internet don’t want you reading this.
They want you to let your guard down and be drawn to the email offer of free computers, amazing discount opportunities, or even what appears to be a friendly communication from a friend or colleague. needing help. It only takes one click and they win.
Lucky for you, a team of experts from the University of Mississippi in the Office of Information Technology are constantly analyzing and tracking malicious, fraudulent, and phishing emails flowing between Ole Miss accounts. Behind the scenes, the IT department has systems in place to reduce exposure to spam, malware and phishing emails on college networks and systems. But they still need your help.
Nishanth Rodrigues, Chief Information Officer and Chief Information Security Officer of UM, with help from the IT Security Committee, shares a number of tips to help you identify spam messages and prevent them from happening. wreak havoc on your accounts:
- Use your olemiss.edu Where go.olemiss.edu account for unified messaging business:
Emails sent from the address assigned by your organization will not have [EXTERNAL] in the body of the email, verifying that the message is from a trusted source.
- Pay attention to [EXTERNAL] tag on emails:
The external beacon is a flag placed on all mail from outside the organization. It comes from an unknown source outside the university and needs to be looked at carefully.
- Watch out for posts that flag services that are too good to be true:
Cheap pet sitting and unexpected lottery / heirloom funds are examples of phishing attempts to elicit responses that contain valuable personal information. Tips for identifying phishing messages are available at https://itsecurity.olemiss.edu/phishing-tips.
- Watch out for identity theft scams:
Scammers can send emails that appear to come from a trusted authority – such as a bank, eBay, IT Helpdesk, Microsoft, Zoom, etc. – to trick you into providing a username, password, credit card or even social security number. Also watch for messages claiming to be from a coworker / boss asking for a cell phone number or buying gift cards. Another red flag is part-time job offers promising payment in advance.
- Never open an untrusted attachment:
Attachments are the most common way to spread malware, which can grab your personal information or even render your machine unusable. Only open the attachments you expect from users you trust. If in doubt, check with the shipper or an IT professional before opening.
- Investigate suspicious messages:
Check https://itsecurity.olemiss.edu/phishing to see if any message has been recently reported. Hover your mouse over a link / address or long press on a mobile device to identify questionable URLs (https://technews.olemiss.edu/identify-phishing-attacks/). A scammer can substitute a letter or phrase from a domain to make you believe the URL is legitimate, for example using “paypal.net” instead of paypal.com or “goggle.com” instead of google. com. They can also use a link shortening service to hide the “real” link they send. Fortunately, most link shortening services allow you to preview a link before clicking on it, such as adding a + symbol at the end of a bitly.
- Any spam or junk message should be marked as “junk” so that it no longer fills your inbox. Phishing messages that appear to have malicious intent – a fraudulent message from a chair asking for your cell phone number – can be reported to [email protected], which will result in follow-up action from our IT Security Coordinator. .
- Keep an antivirus program installed:
The University’s Symantec Antivirus – https://itsecurity.olemiss.edu/antivirus – will scan email attachments before downloading them and prevent you from accessing malicious web pages. It can also help remove malware from your computer.
- Risks of phishing:
- Identity theft: This information can be used to access your financial accounts, make purchases, or even secure loans on your behalf.
- Viral infections: Some scam emails contain links or attachments which, when clicked, download malware to your computer. Others may also install keyloggers that record your computer’s activity.
- Loss of personal data: Malware can encrypt files on a victim’s computer and deny owners access to their files until they pay a ransom.
- Compromising institutional information: If your university IT account is compromised, crooks can gain access to sensitive institutional information and research data.
- Putting friends and family at risk: If your personal information is accessed, attackers will scan your accounts for personal information about your contacts and, in turn, attempt to phish their sensitive information. Phishers can also send emails and social media messages from your accounts in an attempt to get information from your family, friends, and coworkers.
For more information on the university’s computer systems, visit https://olemiss.edu/depts/it.