| |
Phishing for your Identity
By Dan Jones
Identity theft criminals are always looking for new ways to get your
personal information. The latest is called "phishing." Phishing
is a scam that uses spam or pop-up messages to deceive you into disclosing
your credit card numbers, bank account information, Social Security Number,
passwords, or other sensitive information. Here are a some recommendations
from the FTC to help not be caught by the phishers.
- If you get an e-mail or pop-up message that asks for personal or
financial information, do not reply or click on the link in the message.
Legitimate companies don't ask for this information via e-mail. If
you are concerned about your account, contact the organization in the
e-mail using a telephone number you know to be genuine, or open a new
Internet browser session and type in the company's correct Web address.
In any case, don't cut and paste the link in the message.
- Don't e-mail personal or financial information. E-mail is not a secure
method of transmitting personal information. If you initiate a transaction
and want to provide your personal or financial information through
an organization's Web site, look for indicators that the site is secure,
like a lock icon on the browser's status bar or a URL for a web site
that begins "https:" (the "s" stands for "secure").
Unfortunately, no indicator is foolproof; some phishers have forged
security icons.
- Review credit card and bank account statements as soon as you receive
them to determine whether there are any unauthorized charges. If your
statement is late by more than a couple of days, call your credit card
company or bank to confirm your billing address and account balances.
- Use antivirus software and
keep it up-to-date. Some phishing e-mails contain malicious software
that can harm your computer or track your activities on the Internet
without your knowledge. CU-Boulder has anti-virus software available
for current faculty, staff, and students.
- Be cautious about opening any attachment or downloading any files
from e-mails you receive, regardless of who sent them.
- Report suspicious activity to the FTC. If you get spam that is phishing
for information, forward it to security@colorado.edu. If
you've been scammed visit the FTC's
Identity Theft Web site to file a report and learn how
to minimize your risk of damage from ID theft.
Contact Information
Campus IT Security Office
(303) 735-HELP
security@colorado.edu |
|
Did You Know?
| Phishing is a scam that
uses spam or pop-up messages to deceive you into disclosing your
credit card numbers, bank account information, Social Security
Number, passwords, or other sensitive information. |
Quizzes
Is it Phishy?
Take these quizzes to see how well
your phish detector works. Please note: these links will take you
to a non-CU site.
|
Useful URLs
Check out these other
web sites to learn more about phishing:
|
|
