The word "Phishing" is a variant of the word "fishing." It generally comes from an analogy of spammers sending many emails (casting a wide fishing net) in hopes of catching a user (the fish). Though many users don't fall victim to the scams, it only takes a few to make it successful for the spammer.
"Phishers" typically attempt to steal information from you. This information includes (but isn't limited to) STUDENT/FACULTY ID and password, email login information, banking information, and more. Attackers can use this information for different reasons including gaining privileged access to OLHCC's network, sending malicious spam from your email account, stealing sensitive personal information, etc. Your financial/banking information could be used to steal your identity, pilfer funds from your account, send money out of the country, and more.
Most phishing scams can be avoided by sticking to these basic principles:
What do you mean by "treat all links as suspicious"?
Many emails are sent like a Web site with HTML code behind the scenes. This is done in order to include Web links, display images, and provide other special formatting. However, web links can be deceiving. (Example: The following text link - not-an-OLHCC.edu site - opens the official OLHCC web site.)
This recent spam email was an easy 'phishing' ploy to spot:
From: Molly Cooney <firstname.lastname@example.org> the sender's email address showed up in the email
Date: August 15, 2013, 6:12:55 AM CDT
To: "email@example.com" >
Subject: Notice concerning your email account
Notice concerning your email account
Dear Account User,
This is to inform you that your email account has exceeded
storage capacity and it is generating a continuous error script (code:505).
Soon you will not be able to send and receive e-mails and your e-mail account will be blocked from the server. You need to reset and validate your account.
To do so please
CLICK HERE NOW To re-validate and reset your email account. Please login with valid information by clicking on the link above.
Thank you for your cooperation.
THE MAIL TEAM
You shouldn't automatically trust what you see in email messages.
As long as you do not click on any malicious links or respond to the email with personal information, you as well as your computer should not be at risk.
Text links that appear as one link but lead to another should be treated as highly suspicious.
How do I check where the links actually go?
If you are using a desktop or laptop with a mouse, you may easily 'hover' the mouse cursor over the link. The actual destination of the link will either appear in a popup box next to your cursor or it may appear at the very bottom of the email window. See below.
As always, if you have any questions, concerns or comments, please feel free to email the IT department via firstname.lastname@example.org
If you would like to learn more about phishing and other email scams, go to Public Service Announcements