A-Z Index About Academics Admissions Life@CSUMB News Services

Information Technology

News

NEWS - 02.14.2006

Email Scams & Phishing

IT@CSUMB has noticed an increase in the number of scam e-mails coming onto campus claiming to be from financial institutions. These messages may appear to be from Washington Mutual, Paypal, or other banks, but they are from criminals attempting to gain access to your accounts.

If you receive a message that appears to be from a bank or online financial service saying that you need to update your account information, do NOT click on links embedded in the email. You should only exchange personal information with your financial institutions online by going directly to their site and logging into an SSL encrypted page.

Lastly, if you have questions about the legitimacy of an email, call the institution in question.

What is Phishing?:

Phishing is an email scam involving fraudsters who pretend to be a legitimate business such as a financial institution, credit card company, online service provider, or retailer, etc. Hiding behind the anonymity of the Internet, they send out "official-looking" emails or set-up bogus websites to trick you into divulging your account numbers, passwords, Social Security numbers and other sensitive data.

In most cases, the fraudster will use a "hook" such as an account problem alert or fraud warning to reel you in. The idea is to convince you there is an immediate need to update your financial or personal information (act now, supplies limited!).

How do I avoid getting lured into a phishing scam:

-Treat unsolicited email requests for financial information or other personal data with suspicion. Do not reply to the unsolicited email or respond by clicking on a link within the unsolicited email message. Your financial institution will never ask you to email to them your account number, password, Social Security numbers or any other sensitive data.

-Contact the actual business that supposedly sent the email to verify it is genuine.Visit a website or call a phone number that you know to be legitimate.

-Look for the lock. Prior to entering account information on any website, be sure to look for the "locked padlock" in the browser or "https" at the beginning of the website address to make sure the site is secure.

-Be cautious. Check your monthly statements to verify all transactions. Notify your financial institution immediately of any erroneous or suspicious activity.

-Use anti-virus software and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.

-Patch your Operating System. Your operating system (like Windows or Linux) may offer free software "patches" to close holes in the system that hackers or phishers could exploit.

-Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

-If you believe you've been scammed, file your complaint at http://www.ftc.gov, and then visit the FTC's Identity Theft Web site at http://www.consumer.gov/idtheft to learn how to minimize your risk of damage from ID theft.


Article orginally published in February, 2005.
Site Map  ~  Site Help
Terms of Use & Privacy Policy		Revised 9 February 2010  ~  Contact page manager
CSU Monterey Bay, 100 Campus Center, Seaside, CA 93955-8001  ~  831-582-3000