Phishing scams, or fraudulent emails attempting to harvest your personal information, have been around practically since the inception of the internet, and they will not go away any time soon. Fortunately, there are ways to avoid becoming a victim yourself. Here are some basic guidelines in keeping yourself safe:
- Neither Penn State nor Athletics IT will ask for personal information, such as user name and password via email.
- Keep Informed About Phishing Techniques – New phishing scams are being developed all the time. Without staying on top of these new phishing techniques, you could inadvertently fall prey to one. Keep your eyes peeled for news about new phishing scams. By finding out about them as early as possible, you will be at much lower risk of getting snared by one.
- Think Before You Click! – It’s fine to click on links when you’re on trusted sites. Clicking on links that appear in random emails and instant messages, however, isn’t such a smart move. Hover over links that you are unsure of before clicking on them. Do they lead where they are supposed to lead? A phishing email may claim to be from a legitimate company and when you click the link to the website, it may look exactly like the real website. When in doubt, go directly to the source rather than clicking a potentially dangerous link. Call the sender to verify that the email is legitimate before replying.
- Verify a Site’s Security – It’s natural to be a little wary about supplying sensitive financial information online. As long as you are on a secure website, however, you shouldn’t run into any trouble. Before submitting any information, make sure the site’s URL begins with “https” and there should be a closed lock icon near the address bar. If you get a message stating a certain website may contain malicious files, do not open the website. Never download files from suspicious emails or websites.
- Check Your Online Accounts Regularly – Get into the habit of changing your passwords regularly. To prevent bank phishing and credit card phishing scams, you should personally check your statements regularly. Get monthly statements for your financial accounts and check each and every entry carefully to ensure no fraudulent transactions have been made without your knowledge.
- Keep Your Browser Up to Date – Security patches are released for popular browsers all the time. They are released in response to the security loopholes that phishers and other hackers inevitably discover and exploit. The minute an update is available, download and install it on your personal machines. Athletics IT will update browsers centrally for you in your office environments.
- Be Wary of Pop-Ups – Pop-up windows often masquerade as legitimate components of a website. All too often, though, they are phishing attempts. Many popular browsers allow you to block pop-ups; you can allow them on a case-by-case basis.
- Never Give Out Personal Information – As a general rule, you should never share personal or financially sensitive information over the internet. When in doubt, go visit the main website of the company in question, get their number and give them a call. Most of the phishing emails will direct you to pages that may look identical to the website in which you’re familiar where entries for financial or personal information are being requested. Never send an email with sensitive information to anyone.
For more information regarding how Penn State handles phishing or to report a phishing scam, click here to go to Penn State’s Phishing site.
If you have any questions regarding the legitimacy of an incoming email, contact us.
