News You Can Use
Don't get hooked by 'phishing'
University Relations
News Bureau (662) 325-3442
Contact: Kenneth Billings
July 24, 2008
STARKVILLE, Miss.-We've all seen e-mails saying "Verify your account" or "Confirm your e-mail identity," followed by stern warnings for failure to comply.
Nearly every time, the e-mail "alert" is an Internet con that seeks to take advantage-usually financial-of its recipient.
Online scam artists increasingly are more sophisticated in their attempts. By pretending to be schools, banks, stores, or government agencies, they most often seek log-in passwords, or banking or other business and personal data.
Tom Ritter of Mississippi State says victims of these "phishing scams" typically are far from naive. Rather, they are fooled by the on-screen appearance of widely recognized or official-appearing logos of legitimate institutions that mask a Web site created specifically for theft.
Ritter, security and compliance officer with the university's information technology services office, offers some steps to avoid being "hooked." They include:
- Never, ever giving out e-mail passwords, no matter how "official" looking the computer site appears;
- Being alert for certain bogus-site indicators, including poor grammar, punctuation and spelling in the text, and requirements to "Verify Immediately" the requested information; and
- Never, ever following site links contained in suspicious e-mails.
For more information about phishing scams and how to guard against them, visit http://www.infosecurity.msstate.edu/faqs/.