Hill College

IT Security

College Students Internet Safety and Security Information

No Phishing!

Phishing is usually an attempt to deceive you into thinking a legitimate organization is requesting information from you. These requests for information may look innocent at first glance or may seem to come from a legitimate source, but do not. These scams normally request you to reply to an email or follow a link to a web site and provide your login information or other personal information.

A common form of phishing would be an e-mail (such as the one above) with a generic greeting warning of a change in an account requiring you to verify your account information. These e-mails typically include directions to reply with private information, or provide a link to a web site to verify your account by providing personal information such as name, address, bank account numbers, Social Security numbers, or other sensitive personal information.

Indicators of a phishing e-mail:

                  Name and e-mail address don’t match

Attempt to prove legitimacy using words such as ‘Official’

Uses a real organization or company name but incorrect e-mail address

Poor grammar

Unsolicited requests for personal information are a clear danger signal

Misspellings

Look for the “Possible Spam:” pre-tag in the Subject line

Will Hill College IT send legitimate e-mails that look like phishing scams?

The short answer is NO.  There will be times when legitimate messages must be sent to inform our e-mail users of various issues. These will not include password expiration notices, inactive account removal, or cases of account abuse.

Why can’t we stop these e-mails?

Our filtering system stops thousands of phishing attempts, spam e-mails, and virus infected messages every day, but the methods scammers use change very quickly.  Due to the variety of use for e-mail, we must also be careful not to implement filtering which may block otherwise legitimate e-mail.

How can you avoid phishing scams?

                  Never send passwords, bank account numbers, or other private information in an e-mail.

Avoid clicking links in e-mails, especially any that are requesting private information.

Be wary of any unexpected e-mail attachments or links, even from people you know.

Look for ‘https://’ and a lock icon in the address bar before entering any private information.

Here’s a phishing message that was recently sent to many Hill College users.  Can you spot the signs of phishing?

Phishing example