E-Mail Phishing

Remember: CLC and Minn State IT will NEVER ask you for your StarID and password via e-mail.

What’s Phishing??

Phishing is a fraudulent process with the goal of attempting to acquire your personal information.  From Wikipedia.com, phishing is described as: “In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.”  If you want to read the entire article, the link is: http://en.wikipedia.org/wiki/Phishing

The phishing process usually begins with the victim receiving a e-mail alerting you to a problem and asking you to reply with personal information or click on links.  These e-mails are fraudulent scams, and you should just ignore and delete them.

Here is an example of a actual e-mail:

“This message is from the University Messaging Center to all Email Account
owners. We are currently changing our Email System (INCREASED SECURITY)
due to on-going Internet scams requesting for Email Password. To prevent
your Account from closing you will have to update it below so that we will
know that it’s presently used.”

….. The e-mail goes on to ask for your e-mail username, password, date of birth, and states if you don’t provide the information, your account may be deactivated.

Clues to identify phishing e-mails

• Request for your username and password
• Threat that you will lose something (cutting off a service, suspending an account, etc.) if you don’t act in a timely manner. The goal of cybercriminals is to make the situation seem dire so that the victim feels obligated to provide personal information
• Notification that your computer has a virus or some other problem
• Incorrect grammar and/or spelling
•  A link that will solve your problem. If you are asked to click a link in a suspicious email, DO NOT click it
• The e-mail address that it was sent from is not familiar

If You Think an Email is a Phishing Attempt

• DO NOT click on any links in the e-mail
• Verify if it’s legitimate by contacting the sender by a separate known method (such as by calling the Help Desk)
• If you verified that a e-mail is phishing, please forward it to phish@minnstate.edu.  The System Office IT Security Team will verify and update the system’s Internet and spam filters to protect other users

If you think you’ve become a phishing victim

• If you’ve clicked on links or replied to e-mails and provided your username, password, or other sensitive information, the first thing you should do is change your password ASAP.
• Change your StarID password at the Minn State StarID Self-Service site: https://starid.minnstate.edu

Additional Information

Test your ability to spot phishing scams

• https://www.sonicwall.com/en-us/phishing-iq-test
• https://www.opendns.com/phishing-quiz/

Hopefully, this article has been helpful for safer e-mailing!

If you have any further questions, feel free to contact the Tech Services Help Desk at x8200