UPD crime prevention tip: phishing

This notice appeared in the Weekly Phoenix between November 2, 2021 and November 8, 2021.

November 2, 2021

The University Police Department crime prevention tip for the month of November pertains to phishing.

About Phishing Scams 

Phishing refers to sending an email that tricks a person into clicking on a link or opening an attachment. The goal of phishing is to steal information, such as user names and passwords.

Phishing email messages ask you to send or “confirm” sensitive information like your login ID and passphrase, bank or credit account numbers, and PINs. They often threaten to close your account. These scams sometimes ask the reader to visit a website to provide this information. The messages often appear to come from an organization you trust.

TIP: Florida Poly will never ask you for your password via email, telephone, or a non-campus website.

Why should you care? Why phishing scams are a big deal? What is the risk? 

Clicking the link exposes the user to malicious code which may install malware on their computer. Once installed, malware provides an attacker access to files and passwords on the computer.

Clicking on links in phishing emails or entering your username and password on malicious websites, can put your information at risk – this includes not only University’s data but also your personal data. Through phishing emails, attackers can gain access to confidential University information, steal money from your bank accounts, and steal your identity.

Phishing scams can cause huge problems for the people who respond, and for their organizations (e.g., universities and businesses). Thieves can use the information they get to send spam, open credit card or bank accounts in your name, change passphrases to lock you out of your accounts, and commit other forms of identity theft.

Think before you reply! Sharing sensitive information with phishers can cost you hundreds of dollars and hours of time.

What’s safe to do, and what isn’t? 

There is very little risk in simply opening emails. In almost all cases, opening an email will not result in compromise.

The risk is in clicking on links or opening attachments. Attackers can email you infected attachments that install malicious software, commonly referred to as malware. Clicking on a link in an email can take you to a website which steals login information or installs malware on your machine without your knowledge.

Avoiding phishing scams

Never reply to messages that request sensitive information. Do not click on links, reply to the message, or call phone numbers provided within the message. Don’t forward the message to friends, family or coworkers.

If you think a message is legitimate, find a phone number in your other correspondence with them and call to ask them about the email message.

How to spot a phishing email?

Phishing emails can be hard to recognize, and every phishing email is different. Here are some telltale signs:

  • Bad spelling and grammar
  • Deceptive links
  • Sense of urgency
  • No name in email

What can you do?

Click wisely. Click only links and files that are expected, and only from people you trust. Out-of-character or suspicious emails that appear to come from a colleague may be phishing. If you aren’t sure, don’t risk the click.

For more information, email University Police or call 863-874-8472.