Briefly, phishing is when a scammer sends out e-mails (or other communication) impersonating a legitimate organization and trying to trick people into volunteering personal account information. Despite spam filters for our e-mail server, some of these e-mails will still find their way into our mailboxes on occasion, and unfortunately a few of our campus community have been taken in by these schemes. Phished information can be used for credit fraud and other crimes of identity theft. In addition, when scammers are able to phish e-mail passwords, they can use the account information to send out a flood of scam e-mail. The sharp increase in the volume of mail messages causes legitimate mail to be delayed due to processing all the additional junk mail.
Although our e-mail system has spam filters preventing the majority of spam and phishing from getting through, the occasional spam/phishing attempt may end up in your e-mail inbox.
Never give up your password, social security number, driver's license number, or credit card information without double-checking that the party requesting it is in fact who they say they are.
Do not follow any links provided in suspected phishing attempts—you can use Google to find the correct web address or phone number for the organization. Legitimate institutions will not ask anyone to send them their password or any other sensitive information by email for any account.
E-mail from UIndy's Information Systems will always be signed by an employee, and staff will never ask for your password. Do not respond to any e-mail requests for your password.
E-mails from phishers can be pretty convincing, so it pays to know what to look for. Visit the following entertaining and informative websites to hone your anti-phishing skills.