University Information Technology Services continues into the third week of the "fright-fest" of National Cyber Security Month issuing a warning to the IU community to "Beware of Phishing Scams."
"Phishers," use fake e-mail messages to gather a recipient's personal information (social security number, credit card numbers, passwords, usernames, ect). If successful, scammers then use the information to steal the victim's identity.
"Identity theft is becoming a bigger problem," Merri Beth Lavagnino, deputy information technology policy officer for IU, said. "The numbers are coming in at surprisingly large amounts."
The most common form of these e-mail frauds come as messages from national banks, credit card companies and popular retailers with whom the victim is affiliated. By asking to verify information for them to perform any number of tasks, a doorway to identity theft opens upon the victim's reply.
According to a study performed from October 2004 through August 2005 by the Anti-Phishing Working Group's Web page, the number of phishing reports (possible identity theft attempts) received has more than doubled -- making phishing one of the leading problems in online banking and shopping.
To ensure online safety UITS has provided several tips to assist in protection from and awareness of phishing scams and opportunities of identity theft.
Tips To Avoid Identity Theft:
Be Skeptical Many companies and organizations, including IU will never ask you for password information or other identification information via e-mail. If an e-mail is received containing a URL link to verify personal information of any kind, you should contact the company responsible to question their request of that action, even if the request looks legitimate. Dump It If you receive a message containing a suspicious request for personal information make sure to delete the message and then empty your trash of the files it contained to avoid accidental access their Web site. Order Your Email Plain Many scammers will provide you with URL's that look legitimate with a special text. Always opening your e-mail with a plain text will eliminate some, but not all, phishing attempts. Always Tattle If you receive what you believe to be a scam, report it. It is important to report these phishing attempts to avoid further harm to you or someone you know on another attempt -- just because you spy one attack doesn't mean the second attempt won't catch you off guard. Notify the company that was being impersonated as well as The Federal Trade Commission at the Web site www.ftc.gov. For more information about identity theft and phishing attempts, visit www.keepITsafe.iu.edu and www.antiphishing.org for a list of common and popular phishing attempts.
