Identifying Phishing

Description

Phishing is when internet attackers impersonate someone or something you know to get you to disclose sensitive information, such as your password or credit card details. Anything from your bank routing information to learning if you have an account with a particular service are all valuable to the attacker. This article provides advice and tips to identify phishing attempts, and what steps to take if you believe you have been a victim of phishing.

Environment

Email, Mobile Devices, Web Browsers

Table of Contents

Recognizing Phishing Attempts

The first step in avoiding phishing attempts begins with recognition of what a phishing attempt may look like, or key elements that provide insight into whether an email, website, or text message is phishing or legitimate. The following video, "Spot the Signs of Phishing," provides useful information about recognizing phishing emails.

Signs of Phishing Messages

Below is an excellent checklist to use to verify that an email, website or text message is legitimate and not a phishing attempt. If it fails any of these checks, it's likely a phishing attempt.

  • Unsolicited. Don't trust emails you weren't expecting to receive that ask for information.

  • Too good to be true. If it sounds too good to be true, it probably is. Part-time job scams often offer to pay an exorbitant amount of money for a simple task.

  • Asking for personal or financial information. Don't reply to emails requesting this information, report them.

  • Deceptive web links. Hover your mouse on the hyperlink to view its true destination. If you don't recognize it, don't click it.

  • Variations of legitimate addresses. For example, an email address ending in @ohio-edu.org instead of @ohio.edu (the University's official domain).

  • Fake sender's address. Click the sender's name to view their email address.

  • Requesting urgency. The attacker wants you to act quickly so you don't notice the email is suspicious.

  • Fraudulent sites often don't start with https (the s stands for secure). Never sign into websites that aren't using https.

  • Misspelled words and bad grammar. A legitimate email would proofread and fix these errors before sending.

Check the Phish Bowl

You can check the commonly received phishing messages that the members of Ohio University receive via the Phish Bowl. The Phish Bowl is a tool designed to promote phishing awareness and provides a list of all of the reported potential phishing messages, with a verdict of whether the message is phishing or legitimate.  As wide-impact phishing messages are reported, they will be posted on the Phish Bowl along with a verdict and a date. Phishing messages come in a variety of formats. Be sure to check out types of phishing messages to see common phishing attempts the University receives.

Types of Phishing Messages

There are many types of phishing messages. The following list provides the most common examples of phishing attempts:

  • Email impersonation or spoofing is a forgery of a message so it appears to have originated from a legitimate sender. This is a popular tactic by attackers as the recipient is more likely to open a message from a familiar source. These attacks often turn into gift card scams, where the attacker influences the individual to buy gift cards.

  • Part-Time Job Scams often target college students or alumni who may be searching for job opportunities. These scams are fake job offers that are usually too good to be true, offering high wages for little work. Be wary of any unsolicited emails with this characteristic, especially ones that send a check prior to you beginning any work. The attacker often will request you to wire a portion of the check back to them, and you will lose that amount of money.

  • Emails tagged as malware have been identified to contain a link or an attachment that directs your machine to install malicious software. Generally, malicious software can delete or steal personal information, slow down your computer, encrypt your files and hold them for ransom, or display unwanted advertisements.

  • Extortion email messages threaten the recipient and demand a payment, often in the form of a cryptocurrency like Bitcoin. A popular extortion category is known as sextortion, where the attacker will claim they have malware installed on your computer that captured embarrassing photos of you. Attackers may also leverage previously breached credentials for services tied to your email address to provide a level of authenticity to their message.

  • Vishing is a type of social engineering attempt that takes place over the phone. A random number or spoofed phone number calls and the attacker attempts to collect valuable personal information by claiming they are a debt collector or other type of customer service representative.

  • Spear Phishing email messages are more targeted and personalized in order to increase chances of fooling recipients, spear phishing attacks use publicly available information to impersonate the target's friends, relatives, coworkers, and other trusted contacts. The attacker will gather information about you through your social media accounts or through your employer's webpage.

    • Tip: Do a web search for your name and see what results are returned. Is there any information you're not comfortable being public? Attackers can use this information to customize a phishing message for you to make it appear more legitimate.

What to Do if You Have Been a Victim of Phishing

If You Clicked a Phishing Link

If you clicked on a link or button in a scam email and entered your OHIO ID and password into the resulting site, you should change your password immediately. If you need assistance changing your password, contact the IT Service Desk at 740-593-1222 or servicedesk@ohio.edu.

Get help from OIT

Additional resources

  • For additional information on identifying malicious emails, visit StaySafeOnline for a wide variety of educational resources to learn how to protect yourself, your family, and your devices.

Was this helpful?
0 reviews

Details

Article ID: 822
Created
Tue 3/12/24 8:57 AM
Modified
Thu 3/28/24 5:38 PM