School navigation

Information Technology

Phishing Information

Phishing:  A targeted email claiming to be from a legitimate source you trust.

The email messages may contain valid links, familiar images and logos, and even valid email addresses.  The messages usually explain that your username and password are needed due to some maintenance or upgrade and request that you reply and send in your user account and/or bank information.

They also contain links to websites that may appear legitimate, like a webmail or bank login page; however, the site is a fake and when you enter in your name and password, the information is stolen.  

Always exercise extreme caution when clicking on links that are hidden in text.  Try to hover over the text and if the full URL is not available, go directly to the website yourself and navigate to where the message is trying to take you.   

Please DO NOT give your password to anyone!  Information Technology will never request this information, nor will any reputable company, whether it is your bank or your ISP.

Please DO NOT reply to the email!  Responding not only confirms the validity of your account, which enables the attacker to alter their methods to still try and obtain your credentials, but also generates unnecessary traffic on LC’s network and resources.

IF YOU CLICKED on the malicious link contained in the email message, please change your password immediately from the IT website > Forms and Requests > Account Password Change/Reset.

 (https://www.lclark.edu/information_technology/forms_and_requests/password-management/)

 

Reporting entities

 

  1. Internet Crime Complaint Center (IC3)https://www.ic3.gov/default.aspx
  2. United States Computer Emergency Readiness Team (US-CERT)https://www.us-cert.gov/report-phishing
  3. Googlehttps://www.google.com/safebrowsing/report_phish/
  4. Google’s built-in ‘Report Phishing’ menu option from the original message 

 


 

Recovery - if you responded to the phish

 

  1. Change your password (if this password is used in multiple places, change it there too and keep your passwords unique)
  2. Check your account settings - Use Google’s Security Checklist - https://support.google.com/mail/checklist/2986618
  3. IF you sent money, contact the Information Security Officer immediately | Jess Odom
    (FBI Cyber Squad will be consulted)