INFORMATION SECURITY: PHISHING EXAMPLES

PHISHING EXAMPLES

At Binghamton University, we take your online security seriously. It's important to be aware of phishing attempts and how to protect yourself. Here's what you need to know:


Recent Phishing Attempts:

To review the most recent phishing attempts, please visit ITS PHISH TANK.

For valuable tips on avoiding phishing scams, you can explore our phishing avoidance guidelines.

Protecting Your Online Security:

We want to emphasize that the University, along with other reputable institutions, will never ask for personal or password information through unsolicited email messages. No matter how convincing these emails may appear, it is crucial that you never respond to them or click on any links contained within. Your online security is paramount to us.

If you come across any suspicious phishing emails, please report them to our security team at security@binghamton.edu, and be sure to CC police@binghamton.edu.

Identifying Phishing Scams:

To help you identify phishing scams, here are some key points to consider:

Hover Over Links: Before clicking on any links in an email, you can hover your cursor over them to reveal the actual destination. If the URL appears different from what is visible, be cautious.

Grammar and Language: Look out for messages with broken English and grammatical errors; these are often signs of phishing.

Additional Resources:

Knowledge is your best defense against phishing scams. If you ever doubt the validity of a message, we encourage you to reach out to the organization using contact information obtained from verifiable sources like paper correspondence or the telephone book. To test your phishing detection skills, consider taking the SonicWALL Phishing IQ test.

Common Phishing Techniques:

While phishing messages can vary in design, attackers often use similar tricks. Here are some common tactics to watch out for:

Email Phishing: Be cautious of phishing scams offering fake job opportunities, particularly those promising employment as a personal assistant to professors. These scams may involve fraudulent checks.

Visions Federal Credit Union Alert: We've seen fraudulent checks in circulation, and Visions Federal Credit Union has taken action to stop them.

Although the employment offers are sent primarily via email, the solicitor has, at times, continued the conversation through text messages. Be mindful and stay alert. If you receive a check and have doubts about its validity, please bring your concerns to the Visions branch office in the University Union for assistance.


How to Identify Phishing Emails

1. Mismatched Sender's Email:

The sender may attempt to make their email address look like a "binghamton.edu" address, but if you hover your mouse over the sender's name, you can see the actual address. For example, the displayed name could be "Binghamton University," but the true address may be "polifarma@veloxmail.com.br." Phishing attackers often pose as trusted senders by altering their displayed name.

2. Suspicious Links:

Ensure that the links in messages lead to the sites they claim. If an email claims to be from a Binghamton University sender, the links for services should direct you to binghamton.edu web pages.

3. Requests for Personal Information:

4. Urgency to Respond:

A common technique used by attackers is to create a feeling of urgency to respond in order to make the targets feel compelled to act quickly, and without properly evaluating the legitimacy of the request. Messages that contain demands of response or action in a short time frame, and threaten action on their part if not met, should be especially met with suspicion.