
Phishing Emails

What is phishing?

From Wikipedia:

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications claiming to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Example of a phishing email:

Example of a phishing email. Source: Wikipedia


How do I avoid becoming a victim of phishing?

  • Never respond to an email that asks for personal or financial account information.

    • CASIT and UO Information Services will never send out emails asking for account usernames, passwords, and PAC codes. This type of information should never be sent to anyone over email.

  • Do not trust “urgent” email demands for action.

    • It is a common phishing technique to foster a false sense of urgency in order to provoke a response. Phishing emails may claim that an account needs to be verified, that a purchase has been made in your name, or that you have become a victim of identity theft. These emails will then ask for a credit card number, social security number, or other personal information.

  • Do not trust unexpected emails that contain attachments or website links from people you do not know.

    • Many phishing emails will try to guide you to a website that is a replica of a website belonging to the University, your bank, an auction site, etc. If you doubt the authenticity of a link, type the URL of the website in by hand. For example, if a website says to click on a link to go to Duckweb, instead of clicking on the link, go to your web browser and type the URL manually, i.e. “http://duckweb.uoregon.edu”.

    • Increasingly, phishing attempts are not just attempting to gain access to your usernames and passwords. If you click on a phishing website link, the website may then attempt to automatically compromise your computer via security issues that can exist with your web browser or associated web plugins (e.g. Adobe Flash, Acrobat, Java, etc.).

  • Be aware that phishing can be performed over the phone as well.

    • CASIT will never initiate a phone call and ask for account usernames, passwords, and other personal information. In some cases, CASIT may ask for account information if you have already established a dialogue with CASIT concerning a technical support issue.

    • Some phishing emails will offer a local or 1-800 number for you to call where an identity thief will act as a representative of a legitimate company. If you believe the email that you have received is a phishing attempt but are concerned that it may actually be real and not fraudulent, please directly contact the purported sending institution. Do not use the information from the suspect email. Information Services has seen phishing emails that utilize VOIP phone numbers with 503 and 541 area codes to encourage recipients to provide confidential information over the phone to phishers.

  • Use a web browser that has phishing detection capabilities.

    • From our observations, Chrome and Firefox have a faster turnaround time in labeling phishing websites as fraudulent.  You may wish to use Chrome or Firefox over other browsers for this and other reasons.  If you prefer not to use Firefox or Chrome, there may be anti-phishing plugins or similar functionality that you can enable in your preferred browser.

    • Firefox will display this warning if it has detected a website suspected of phishing or hosting malware:
      Malware warning in Firefox
    • Chrome will display this warning:
      Malware warning in Chrome
  • Do not hesitate to contact CASIT desktop support staff if you suspect an email is a phishing email.

 

What can you do if you’ve received a phishing email?

  1. Forward the email to casit@uoregon.edu or your local IT department with full headers.

  2. If the email concerns any of your University of Oregon accounts, acquire the full headers and forward it to phishing@uoregon.edu so it can be blacklisted and made inaccessible from any campus computer.

  3. If the email concerns a non-University of Oregon account (e.g. personal Gmail, your bank, etc.):

    1. Report the link on PhishTank. To vote for links as phishing, you must create an account.

    2. Report the link to Google.

  4. If your email client provides a “Mark as spam or junk” function, do so to encourage it to filter these types of emails in the future.

  5. Delete the email.

What do I do if I’ve fallen victim to phishing?

If you provided personal information such as your password, credit card number, or social security number to a phisher, notify CASIT and the companies/institutions you have the compromised accounts with immediately.

Contact CASIT at casit@uoregon.edu or (541) 346-2388.

If you feel as though you’ve provided enough information, such as a social security number, for your identity to be used in an unauthorized manner, you can file a report, place a fraud alert on your credit and learn what to do next at the Federal Trade Commission’s website.

If you sent a password to a phisher, change your password immediately.

This page was created using information from Jon Miyake in Information Services and https://it.uoregon.edu/node/2022