How to Protect Yourself from Phishing Scams and Other Email Threats
- Never send sensitive information, like passwords, through email
- Never reply to a suspicious email
- Never click on any links within the body of a suspicious email message. These links could redirect your computer's browser to rogue websites and cause malicious software to be downloaded to your computer
- Never download file attachments in an email which is from an untrusted or unknown source
- Delete any suspicious email message without opening it
Note: Whittier College IT Services or any other legitimate organization will NEVER ask for your login name, password, or other sensitive data via email.
If you feel you may have unwittingly replied to a phishing message or have opened an email virus, please contact Whittier IT Services immediately.
What are Email Phishing Scams?
Phishing is the criminally fraudulent process of attempting to acquire sensitive information via email such as user names and passwords by masquerading as a trustworthy entity. The vast majority of these email messages are blocked by the Whittier College and Whittier Law School email gateways, and never get delivered. However, some messages occasionally do get through and may be delivered to your mailbox.
Phishing messages often give clues to their fraudulent nature. These include:
- Misspellings in the subject or body of the message
- Incorrect grammar in the subject of the message
- A company's website may be misnamed, e.g., www.payspal.com instead of www.paypal.com
A large percentage of phishing messages purport to be from PayPal or Facebook. If you have an active PayPal or Facebook account, be very cautious about the types of information you provide via email. Both PayPal and Facebook have their security policies available on their websites. By familiarizing yourself with these policies, you will be better equipped to avoid bogus email which claim to originate from these companies.
Some common phishing email themes include:
- Your School will Close Your Email Account Due to Inactivity or the Size of Your Mailbox. A message claiming to be from a educational institution requests that you send your logon account, password, or other pertinent information. The message states that if you do not do this, your webmail account or email box will be closed. Whittier IT Services will not ask for your username and password via email.
- There is a Problem with Your Facebook Account...Click on This Link and Submit Your Information. A message claiming to be from a popular social networking site, such as Facebook, requests that you send your logon account, password, or account information. The message states that if you do not do this, your account may be disabled.
- Someone Wants You to Send Money or Needs Your Bank Information. An unsolicited entity requests that you wire money immediately overseas or that you send sensitive information pertaining to your bank account.
- There was a Security Breach at Your Bank. We Need to Validate Your Account Information. A message claiming to be from a legitimate bank or financial institution requests that you send your user account and password (or other sensitive information) for validation purposes.
If you feel you may have unwittingly replied to a phishing message, please contact Whittier IT Services immediately.
What are Email Viruses?
Email viruses and other types of malware such as worms and Trojan horses are small software programs or scripts that can be delivered through email, usually in the form of file attachments. The email messages may appear to be from someone you know or an organization for which you are familiar. Once the file attachment is opened, the virus software may run and cause damage to your computer. Although most viruses are blocked at our college’s email gateways, some may get through to your mailbox. Do NOT open file attachments from untrusted sources.
