Body
Phishing is the practice of fraudulently obtaining personal information. This information is then sold or used to gain access to services such as bank accounts, social networking sites, email, etc.
For example, you may receive an email from someone posing as tech support and asking for your password. If you send this phisher your password, they will have access to everything associated with your account. That’s why you should never share your password with anyone, even the SAU Help Desk.
Passwords aren’t the only pieces of information you need to protect. Think of all the websites that let you reset a password by answering a challenge question.
Let's say your security question is “What is your hometown?” and the answer is “Adrian.” Scammers can search the web and easily find this information from your Facebook profile or other sources. They can then use this information to gain entry to your accounts.
This is why you should always be cautious about any information you share about yourself online.
Protect yourself
In general, SAU's spam filter does a pretty good job of blocking phishing emails. However, things do get through from time to time.
Here are some tips to help protect your information, finances, and reputation:
- Never share your password.
- Don’t use the same password for all of your accounts (Facebook, email, bank, etc.)
- Pick a strong password (mix letters, numbers, symbols, capitals, lowercase, and aim for at least 12 characters) and change it often.
- Don’t transmit sensitive data, such as a Social Security number, via email.
- If an email looks suspicious, contact the Help Desk.
- Don’t click links in emails since scammers often disguise them to look like a familiar website.
- When in doubt, contact the Help Desk.
Keep in mind that phishing emails are only one part of a strategy called “social engineering.” Social engineering includes several tactics to gain personal information without having to guess a password. This means someone might call you on the phone asking for information, or even show up at your doorstep. Again, when in doubt, keep your private information private.
Visit BankSafeOnline.org to see a few examples of phishing messages.