Phishing FAQs

  1. What is "phishing?"
    "Phishing" (pronounced "fishing") refers to a form of fraud that attempts to acquire sensitive information (usually your username, also called login or loginID, and password/passphrase). There are many variations, but the most obvious characteristic of a phishing message is that it instructs you to provide sensitive information either by replying to the message, or by clicking on a link and entering the information on a web page. There is no legitimate reason for anyone to request a password/passphrase or other sensitive data via email, and you should never respond to any such message.
     
  2. What should I do if I think I might have responded to a phishing message? 
    Call the Admin IT Help Desk at 530-752-1222 immediately if you think you have provided your passphrase or other personal information in response to a phishing scam.
    If you provided your passphrase, also immediately go to accounts.ucdavis.edu and change your passphrase.
  3. What if a message, which seems to come from someone at UC Davis, asks me to confirm my login ID and passphrase? 
    UC Davis will never ask you to do this via email or telephone. If you have questions about a suspicious email, or want to alert us about one, submit a ticket to the Admin IT Help Desk or email adminithelp@ucdavis.edu.

     
  4. How do I know if a message is a phishing scam? 
    Sample phishing email:
    http://kb.ucdavis.edu/?id=1989
    Phishing messages often:
    • Instruct you to supply your account information, including your password/passphrase, by email or by clicking on a link in the message and then entering the information via the web. This is never a legitimate request.
    • Have a "From:" line that sounds (and sometimes is) legitimate, but the message itself is vague.
    • Contain a threat if you do not supply the information, such as having your account deleted.
    • Have spelling and grammatical errors. Legitimate messages aren't always perfect, but with careful reading many scam messages become obvious.
    • Use a generic salutation rather than using your personal name.
    Print and post this "Don't Let Phishers Play You" flier to remind you what to look for.
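
The warning signs listed above, written as checks over a raw message. This is an added example, not part of the original FAQ or any UC Davis tooling. The keyword patterns, indicator names and both sample messages are constructed for illustration, and the off-domain link check is an added assumption; a message can show none of these signs and still be phishing.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Keyword patterns are illustrative assumptions, not a vetted rule set.
CREDENTIAL = re.compile(r"\b(password|passphrase|login\s?id|username)\b", re.I)
THREAT = re.compile(r"\b(suspend|delet|deactivat|clos|terminat)\w*\b", re.I)
GENERIC = re.compile(r"^\s*dear\s+(user|customer|member|subscriber|account\s+holder|webmail\s+user)\b", re.I)
URL = re.compile(r"https?://[^\s<>\"']+", re.I)

def phishing_indicators(raw):
    """Return the names of the FAQ's warning signs found in one raw message."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    sender_domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    found = []
    if CREDENTIAL.search(body):                       # asks for account details
        found.append("asks_for_credentials")
    if THREAT.search(body) and re.search(r"\baccount\b", body, re.I):
        found.append("threatens_account")             # "reply or lose your account"
    if GENERIC.search(body):                          # no personal name in greeting
        found.append("generic_salutation")
    for url in URL.findall(body):                     # link leaves the sender's domain
        host = (urlparse(url).hostname or "").lower()
        if host != sender_domain and not host.endswith("." + sender_domain):
            found.append("link_off_sender_domain")
            break
    return found

# Constructed sample messages (not real mail).
PHISH = """\
From: "IT Help Desk" <helpdesk@example.edu>
Subject: Mailbox quota exceeded

Dear Webmail User,

Your account will be suspended within 24 hours unless you verify it.
Confirm your login ID and passphrase at http://example-verify.test/login
"""
BENIGN = """\
From: Registrar <registrar@example.edu>
Subject: Spring schedule posted

Hi Jordan,
The spring schedule is now posted at https://www.example.edu/schedule
"""
print(phishing_indicators(PHISH), phishing_indicators(BENIGN))
```
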
       
  5. What can happen if I reply to a phishing scam? 
    If you send them the information they request, they could use your email account to send millions of spam messages, open accounts under your name, or commit other fraud.

     
  6. How can I prevent my campus computing account from being compromised?
    • DO NOT respond to phishing scams in any way. It's that simple. Just don't answer. Don't click on links in the message. Delete the message immediately.
    • Be suspicious of messages requesting personal or account information.
    • Be suspicious of messages threatening to close or suspend your account if you don't respond with the information they want.
    • Check the authenticity of email messages by calling a company phone number known to be genuine.
    • See Cyber-Safety Basics for information about protecting yourself and your computer from other cyber-attacks.
    • See 10 Things Everybody Should Know about How the Email World Works for more tips about email.
    • Read even more about phishing at www.us-cert.gov/cas/tips/ST04-014.html.
       
  7. Why doesn't the campus just block phishing scams like we block spam? 
    We employ multiple layers of the latest and best anti-spam, anti-virus, and anti-phishing technology available. Unfortunately, these systems cannot block all malicious email.

     
  8. I've never replied to a phishing scam, but have been getting spam emails from my own email address. How does this happen? 
    These emails result from a very easy spammer technique called "spoofing." All spam has a spoofed (or forged) "From" address. Unfortunately, there is no way to prevent the use of someone else's "From" address in email. If you receive more than five spam messages from yourself per day, contact the IT Express Computing Services Help Desk at 530-754-HELP (4357).

     
  9. What happens to compromised accounts? 
    When UC Davis identifies a compromised account, the account is locked immediately. If your account is locked, you must go to one of six passphrase reset locations in campus computer rooms, prove your identity, and change the passphrase. 

These tips were sourced from the UC Davis Security website. We've modified them slightly to reflect that the Admin IT Help Desk is the first point of contact for FOA staff members.
