2015-08-18 by Nick Chapman for CTC
There has been a recent influx of phishing emails reaching many of our staff members. This seems to stem from a few weak or divulged passwords. Once an account is compromised, it may be used to email others with the intent of gaining access to those accounts as well.
First and foremost, please be aware that you will never receive a request to divulge your password from Waterbury IT technicians or the Computer Technology Center (CTC). If we were to require or advise a password reset, it would not be conducted through a web link. We recommend changing your password from a domain computer, after logging in, by simultaneously pressing Ctrl+Alt+Del and then selecting Change Password. If we require an “on demand” password change, you will be prompted to change your password when logging in.
Using a few of the recent phishing emails, we’ve noted some red flags that should help you identify potentially risky emails in the future:
- You are not the intended primary recipient – Is the email addressed to you? If not, you were probably added on Cc or Bcc (Carbon Copy or Blind Carbon Copy).
- Email not sent from a valid authority – Was the email sent from a valid authority on the subject? A peer or someone you don’t recognize should not be sending you an email stating that you need to change your password or that your account is in violation. Additionally, Microsoft would have no interest in you changing your Waterbury password. One recent email came from “System Administrator”; any valid authority should use their own name. We occasionally send out emails from our “CTC/Computer Technology Center” address, but they are primarily informative in nature.
- Unsound logic – A recent phishing email stated that your mailbox was full and that you needed to reset your password. Those two things don’t go hand in hand. Logical flaws like that should raise suspicion.
- *Too generic – Watch out for generic-looking requests for information; fraudulent emails are often not personalized.
- *Threats and calls to action – Phishers like to use scare tactics and may threaten to disable an account or delay services until you update certain information. Most phishing campaigns include a call to action. If the content conveys urgency, such as “you must click into your account now”, it is potentially a scam.
- Note the URL – If you decide to comply and update your information, pay attention to the URL (web address) you are directed to. In a recent email, when a user follows the “Click Here” link, they end up at the following URL: http://facultyiirestaffaccount.jigsy.com/#builder. Needless to say, jigsy.com is not a trustworthy place to update Waterbury information. Also, secure sites where any personal information should be entered normally use https:// for safe information transport (the ‘s’ means secure).
[*information from http://blog.logmein.com/products/avoiding-phishing-attacks ]
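The red flags above can be turned into a simple automated triage check that a help desk could run over a reported message before a technician looks at it. The following Python script is an added example written for this notice, not a tool from CTC; it assumes a placeholder organization domain (ORG_DOMAIN = "example.org") and two constructed sample messages, one modelled on the phishing email described above and one plain informational notice.

```python
"""Red-flag checker for the phishing indicators listed in the notice.
Added example, not a CTC tool. ORG_DOMAIN and both sample messages are
constructed placeholders."""
import re
from email import message_from_string
from email.utils import getaddresses
from urllib.parse import urlparse

ORG_DOMAIN = "example.org"  # assumption: stand-in for the district's real mail domain

GENERIC_SENDER_NAMES = {"system administrator", "administrator", "it department", "help desk"}
URGENCY_RE = re.compile(r"\b(immediately|now|within 24 hours|will be (disabled|suspended|deleted))\b", re.I)
GREETING_RE = re.compile(r"^\s*dear\s+(user|customer|staff|member|account holder)\b", re.I | re.M)
URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def _body_text(msg):
    """Collect the text/plain content of a message, multipart or not."""
    if not msg.is_multipart():
        return msg.get_payload()
    parts = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            parts.append(part.get_payload(decode=True).decode("utf-8", "replace"))
    return "\n".join(parts)


def _is_org_host(host):
    """True when host is the organization domain or one of its subdomains."""
    host = (host or "").lower()
    return host == ORG_DOMAIN or host.endswith("." + ORG_DOMAIN)


def check_email(raw_message, recipient):
    """Return the list of red flags raised by one raw RFC 822 message."""
    msg = message_from_string(raw_message)
    body = _body_text(msg)
    lower = body.lower()
    flags = []

    # 1. Not the primary recipient: address missing from To: (so Cc/Bcc).
    to_addrs = {addr.lower() for _, addr in getaddresses(msg.get_all("To", []))}
    if recipient.lower() not in to_addrs:
        flags.append("not the primary recipient (Cc/Bcc)")

    # 2. Not a valid authority: generic display name, or an account/password
    #    request coming from outside the organization's mail domain.
    froms = getaddresses(msg.get_all("From", [])) or [("", "")]
    from_name, from_addr = froms[0]
    if from_name.strip().lower() in GENERIC_SENDER_NAMES:
        flags.append("generic sender name: %r" % from_name)
    asks_about_account = "password" in lower or "account" in lower
    if asks_about_account and not _is_org_host(from_addr.rpartition("@")[2]):
        flags.append("account/password request from outside %s" % ORG_DOMAIN)

    # 3. Unsound logic: a full mailbox is not fixed by a password reset.
    if "mailbox" in lower and "full" in lower and "password" in lower:
        flags.append("illogical pairing: full mailbox + password reset")

    # 4. Too generic: an impersonal greeting.
    if GREETING_RE.search(body):
        flags.append("generic greeting")

    # 5. Threats and calls to action.
    if URGENCY_RE.search(body):
        flags.append("urgency/threat language")

    # 6. Note the URL: plain http:// or a host outside the organization.
    for url in URL_RE.findall(body):
        parsed = urlparse(url)
        if parsed.scheme != "https":
            flags.append("link without https: %s" % url)
        if not _is_org_host(parsed.hostname):
            flags.append("link host outside %s: %s" % (ORG_DOMAIN, parsed.hostname))
    return flags


# Constructed sample: the shape of the phishing email described in the notice.
PHISHING_SAMPLE = """From: System Administrator <helpdesk@mailer-example.net>
To: staff-list@example.org
Cc: jane.doe@example.org
Subject: Your mailbox is full - reset your password now
Content-Type: text/plain

Dear User,

Your mailbox is full. You must reset your password now or your account
will be disabled. Click Here: http://facultyiirestaffaccount.jigsy.com/#builder

System Administrator
"""

# Constructed sample: an ordinary informational notice with nothing to flag.
CLEAN_SAMPLE = """From: CTC/Computer Technology Center <ctc@example.org>
To: Jane Doe <jane.doe@example.org>
Subject: Lab printer maintenance
Content-Type: text/plain

Hello Jane,

The second-floor lab printers will be offline Friday afternoon for
maintenance. No action is needed on your part.

CTC
"""

if __name__ == "__main__":
    for name, sample in (("phishing", PHISHING_SAMPLE), ("clean", CLEAN_SAMPLE)):
        print(name, check_email(sample, "jane.doe@example.org"))
```

Run it and the constructed phishing sample trips all six categories from the list (eight flags in total, since the link is reported twice: once for http:// and once for the outside host), while the informational notice raises none. A checker like this only supports the human judgement the notice asks for; a message with zero flags can still be fraudulent.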
If you are still unsure, check with your building technician or an administrator. Until you are sure, do NOT click any suspicious links or fill out any requested information.
Phishing: the activity of defrauding an online account holder of financial information by posing as a legitimate company.
Password Security: Please use at least 8 characters in your password. Including a mix of upper- and lower-case letters, as well as numbers and symbols, greatly increases the strength of your password. Avoid favorite teams (uconn1), the names of your children (jessica1998), or other easily guessed words and combinations. It is suggested that you use different passwords (or password variants) for each website that requires credentials.
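The password rules above can be checked mechanically, and the two examples the notice gives (uconn1, jessica1998) share a pattern worth catching: a guessable word with a few digits tacked on. The Python function below is an added example, not CTC's policy enforcement; GUESSABLE_WORDS is a tiny constructed stand-in for the wordlist a real checker would load.

```python
"""Password policy check for the rules in the notice. Added example;
GUESSABLE_WORDS is a constructed placeholder list, not a real wordlist."""
import re
import string

MIN_LENGTH = 8  # the notice's stated minimum

# Constructed stand-in for a full list of easily guessed words (team names,
# family names, common dictionary words). A deployment would load a wordlist.
GUESSABLE_WORDS = {"uconn", "jessica", "password", "welcome", "waterbury",
                   "school", "summer", "letmein"}

# A guessable word, optionally followed by digits and one trailing symbol,
# e.g. uconn1, jessica1998, Jessica1998!
WORD_PLUS_DIGITS_RE = re.compile(r"([A-Za-z]+)\d*[%s]?" % re.escape(string.punctuation))


def password_problems(pw):
    """Return a list of policy problems; an empty list means the password passes."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not any(c.isupper() for c in pw):
        problems.append("no upper-case letter")
    if not any(c.islower() for c in pw):
        problems.append("no lower-case letter")
    if not any(c.isdigit() for c in pw):
        problems.append("no digit")
    if not any(c in string.punctuation for c in pw):
        problems.append("no symbol")
    match = WORD_PLUS_DIGITS_RE.fullmatch(pw)
    if match and match.group(1).lower() in GUESSABLE_WORDS:
        problems.append("easily guessed word with digits appended")
    return problems


def is_acceptable(pw):
    """True when the password meets every rule in the notice."""
    return not password_problems(pw)


if __name__ == "__main__":
    for candidate in ("uconn1", "jessica1998", "Jessica1998!", "Tr0ub4dor&3"):
        print(candidate, password_problems(candidate) or "ok")
```

Note that "Jessica1998!" satisfies every character-class rule and the length rule yet is still rejected, because the word-plus-digits pattern is exactly what the notice warns about; mixing classes only helps when the base is not a guessable word.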