First, what is “Phishing”?
Phishing is the vernacular for an attempt by a person to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication (usually an email). Here at the University of Waikato these messages usually claim to be from ITS, another colleague, social web sites, auction sites, online payment processors, or IT administrators.
Phishing emails often contain links to websites that masquerade as an internal Waikato login page, and can look quite convincing. Falling for a Phishing email can be quite devastating, and can involve personal financial loss to the staff member involved as well as the loss of corporate or student data. Once a “Phisherman” has access to your University account, they have access to your email and Google Drive. Ever emailed your credit card or bank account details to anyone? Now the hacker has those too!
Spotting a Phishing Email
1. The message contains a mismatched address2. Addresses contain a misleading or misspelled domain name3. The message contains poor spelling and grammar4. The message asks for personal information5. The offer seems too good to be true |
6. You didn’t initiate the action7. You are asked to send money to cover expenses8. The message makes unrealistic threats9. The message appears to be from a government agency
|
Still not sure if that message is legit? Forward the email to help@waikato.ac.nz and well check it out for you.