Over the last couple of months, the office of information security has seen a spike in email accounts being compromised and set up to send spam out to the internet. We’ve even had an incident where some of our employees’ bank account and routing numbers were changed in our direct deposit portal. These compromises usually begin with an employee receiving a fraudulent (phishing) email stating that there’s a problem with an account and it needs to be updated. The attackers’ goal is to steal your username and password and take control of your account for a variety of reasons. Most of these emails appear to come from Information Services, but some have been forged to look like they came from Human Resources.
No reputable organization will ever ask you for personal information over email. If they do, refuse to give it to them. Emails with links asking you to “Click Here” to update personal information must be scrutinized. Is that link really taking you to the place it says, or has it been forged to take you to a site that steals your password? It is not difficult to validate the authenticity of an email. Know the red flags. A single red flag is not necessarily proof of a phishing attempt, so you have to make the judgment call. If it looks suspicious, get a second opinion, or send it to firstname.lastname@example.org; we’ll validate it for you.
Look at the From line - is it from a person or organization that is associated with the contents of the email?
Is the Subject line demanding that you do something immediately?
Is it personalized to you? Generic emails can be a red flag.
How’s the grammar and spelling? Poor grammar and misspelled words could indicate it’s from a foreign country.
Hover over the hyperlink with your mouse and you should see the web address of the true destination. Is it going to a place that makes sense? If the email claims to be from the UTMB helpdesk, then it should be taking you to a utmb.edu address.
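The hover check above can also be run automatically over an HTML email body. The following script is an added example and not part of this notice: it compares where each link really points with what its visible text claims and with the organization’s own domain. The trusted-domain list (utmb.edu) and the sample email body are assumptions constructed for the example; the placeholder domains in it are not real indicators.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
# Assumption: IT/helpdesk mail should only link to utmb.edu and its subdomains.
TRUSTED_SUFFIXES = ("utmb.edu",)

def host_of(url):
    """Lowercase hostname of a URL, or '' if it has none (e.g. mailto:)."""
    return (urlparse(url.strip()).hostname or "").lower()

def is_trusted(host):
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in the body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def find_suspicious_links(html):
    """Return [(href, visible_text, reasons)] for links failing either check."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        reasons, real = [], host_of(href)  # real = what the hover tooltip shows
        if not is_trusted(real):
            reasons.append("destination outside trusted domains")
        if "." in text and " " not in text:  # text reads like a web address
            shown = host_of(text if "://" in text else "https://" + text)
            if shown != real:
                reasons.append("visible text names a different host")
        if reasons:
            findings.append((href, text, reasons))
    return findings

# Constructed sample body; example.net and 198.51.100.7 are reserved placeholders.
SAMPLE_EMAIL = """<p>Your mailbox is over quota. Update your account now.</p>
<a href="http://utmb-helpdesk.example.net/login">https://helpdesk.utmb.edu/update</a>
<a href="https://ithelp.utmb.edu/reset">Reset your password</a>
<a href="http://198.51.100.7/verify">Click Here</a>"""
```

Running find_suspicious_links(SAMPLE_EMAIL) flags the first and third links; the second passes both checks.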
Let’s say it’s a well-crafted phishing email and you clicked on the link; it’s not the end of the world. It’s going to take you to a webpage that will ask you for information. Again, think about the red flags.
Is the site branded to the organization that it’s associated with? A UTMB page should have a UTMB logo.
Look at the address bar: does it make sense, and are you at the correct site?
Is it asking for information other than your username and password? If the site is prompting you to enter credit card, bank account or social security numbers, it’s an outright scam; exit the page immediately.
Last, but definitely not least, if you enter your username and password and it doesn’t take you anywhere, or it takes you to a place you weren’t expecting, your account information was probably just stolen. Change your password immediately and contact the service desk at x25200.
Phishing phone calls – We’ve had several reports of folks receiving phone calls from “technicians” claiming to be with Microsoft. The call usually starts off by informing you that your PC has been identified as being infected with a virus, or something to that effect. Their goal is to take control of your computer and install malicious software that could capture sensitive data, such as online banking information, usernames and passwords. To make matters worse, they’ll try to charge you for the software installation. If you receive one of these calls, simply say “no thanks” and hang up.
If you have any questions regarding this email, please contact the office of information security at 409-772-3838 or email us at email@example.com.