What is phishing?
A phishing website or message tries to trick you into revealing personal information by appearing to be from a legitimate source, such as a bank, social network, Google, or even UAH. If you receive a suspicious message, do not provide the information requested. Use the following tips to avoid getting caught by a phishing scam.
Think Before You Click
Pay close attention to sign-in screens. Cyber criminals can use links in emails, tweets, posts, and online advertisements to direct you to fake sign-in screens, where they can steal your password. Only sign in to your account when you are certain you visited the real site directly. Check the website address to be sure. **Also note that many phishing sites will have a web address very similar to the site they are mimicking, so you will need to pay very close attention.
You should always be wary of any messages that ask for your personal information or messages that refer you to a web page asking for personal information. You will never receive a request of this sort from UAH or i.t.solutions. If you receive this type of message, please do not provide any of the information requested. Google, UAH, and OIT will never send unsolicited messages asking for your password or personal information, or messages containing executable attachments. If you are unsure about an email that you receive from UAH or OIT, please contact the OIT Help Desk at 256.824.3333 to confirm the email.
Messages or websites phishing for information might ask you to enter:
- Usernames or passwords
- Social Security numbers
- Back account numbers
- PINs (Personal Identification Numbers)
- Full credit card numbers
- Your mother's maiden name
- Your birthday
What should I do when I see a phishing scam?
Most importantly, never reply to suspicious emails, tweets, or posts with your personal or financial information. Also, don't fill out forms or sign-in screens that link from these messages. In fact, it is safest to not click any links from suspected phishing attempts.
Most email providers, including Gmail, allow you to report suspicious emails and phishing scams. To report phishing in your UAH Gmail account, select the arrow in the upper-right corner of the message and click "Report Phishing".
Additionally, you can add a message to your spam filter for unwanted messages by clicking the "Report Spam" button.
(This information was adapted from support.google.com.)
Refer to Google Apps - Reporting Phishing and Spam for more information about handling these issues.