Phishing (e-mail scams)

"Phishing" e-mails – scams designed to get you to reveal your personal information so they can access your accounts and steal your identity – have become more frequent and more targeted to SNC. This targeting makes them more dangerous because they’ve learned things about the College and adjusted their messages accordingly to try and make them seem more legitimate. Sometimes they even take over an SNC account and use it to send scams to other SNC people. Unfortunately, some SNC users have fallen for these scams and the results have been very serious, both for the individuals and the College. The most important thing to know about these types of messages is:

They are never legitimate. No one who works at St. Norbert College will ever ask you for your password, and we never send e-mail asking for personal information.

The only time we ever contact you about your account is:

1. If you’re nearing your quota, in which case you are simply asked to delete some messages, or
2. If your password is expiring (every 180 days), in which case you are directed to the Computer Account Management page, http://www.snc.edu/pw, to change your password.

It is important to learn to recognize these legitimate message from SNC:

View samples of those legitimate messages and tips to help you discern whether a message is legitimate (login required)

If you ever have any concerns about a message, ASK! We would much rather have people call and ask every day than have even one person fall for a scam.

Another important thing to remember: Messages from SNC Tech Support/Help Desk/IT will never be in your spam quarantine. If it's in there, it's not from us!

What happens when someone responds to a phishing scam

What happens to you: Your e-mail account is taken over. The perpetrators can then send spam & scams from your account, forward your mail to their own account so they get a copy of everything you get, and read/copy everything you have saved in your e-mail. Think about all of the things in your e-mail – pay stubs with bank account numbers, messages from banks and other online accounts, etc. With the information you send them and what they collect from your e-mail, the criminals will probably have enough to steal your identity.

What happens to the College: It only takes one person to mess things up for the entire College. How? Once they’re in your account, they use it to send spam. Spam coming from an snc.edu address causes SNC to get blacklisted, so e-mail from all snc.edu addresses is blocked by outside companies/organizations. This gives SNC a bad reputation, causes a lot of work for our IT staff who have to get us off of the blacklists, and frustrates a lot of SNC people who can't send e-mail to their colleagues, friends, & relatives. Further, once they get in to your account, they may use it as a gateway to other accounts/systems, jeopardizing the safety of the College's systems and other users.

Examples of some of the scams we’ve seen

Subject: ST. NORBERT COLLEGE INTERNET USER
From: St. Norbert College <webmaster@snc.edu>
Message body: asks for User ID and Password, and threatens to deactivate the webmail account if the recipient does not reply.

Subject: Confirm Your School Webmail Details
From: School WebMail Support Team <info@websupport.com>
Message body: asks for E-mail id, Password, and Date of Birth, and threatens to suspend the webmail account if the recipient does not reply.

Subject: Dear Edu Subscriber
From: customersadmin@eduboard.edu
Message body: asks for your "Edu Email Account Username and Password" and threatens to "render your email account deactivated from our database."

Subject: Your mailbox has exceed it's quota limit
From: "St. Norbert College"
Message body: says you have exceed the storage limit on your mailbox and directs you to click a non-SNC link to "upgrade your account."

For non-SNC scams, the messages appear to come from an established business (AOL, Amazon.com, eBay, PayPal, etc.) or financial institution (US Bank, Wells Fargo, Citibank, etc.) with whom lots of people do business. They may claim that there's a problem with your account, that they've had computer system problems and lost your information, or that there's been fraudulent activity on your account (which is exactly what they intend to perform!). They ask you to click on a link in the message to go to the company's web site and "verify" or "update" your information. If you click the link in the e-mail message, however, the web site it takes you to will be a fake site run by the scammers, which they've set up to look exactly like the real site for that company. Whatever information you enter on the fake site gets sent to the criminals, who then use that information to get into your account(s).

There's no end to the types of clever scams they think up. There are even scams where they take over someone's e-mail account, and then e-mail all the person's friends pretending to be the person. They claim to be having some kind of problem and need money, for example that they've traveled to another country and were robbed and need money to get home. There are many variations of these scams, so you can't rely on any particular word, address, or other indicator to identify them. Instead, just remember that no legitimate company or organization would solicit your personal information in this way.

What to do when you get a phishing message

Just delete it.

How to avoid becoming a victim of one of these scams

This is an area where the technology can't protect you (until someone invents anti-scumbag software!), so you have to protect yourself. There’s no need to avoid online shopping, banking, and bill paying, just use good common sense & caution.

• Be suspicious of everything. While this may not be a healthy attitude to have in your daily life, you have to think that way when you're online. A little skepticism will help you avoid doing something you'll kick yourself for later.
• Remember that real banks, online merchants, and other companies, as well as St. Norbert College, do not send you e-mail asking for personal information. (If they did, then you wouldn’t want to do business with them anyway.)
• If you receive one of these messages, do not reply, click on the links, or call the phone numbers listed in the message. If you’re concerned that the message might be a legitimate SNC message, call the Help Desk. If you think it might be from your bank or credit card company, get out your card or statement and call the number listed there. If you think it might be from an online company, go to their home page by typing the address yourself (e.g., www.paypal.com) and investigate from there.

What to do if you’ve responded to a phishing scam

Immediately change your password to something that’s as complicated as you can make it – using symbols, upper- and lower-case letters, and numbers – and is completely unlike your previous password. (No, you can’t just stick a different number to the end of the same password. You shouldn’t be doing that anyway!)

If it’s your SNC account, call the Tech Support Help Desk right away and ask to speak to a professional so that we can assess any damage to the College’s systems and resources and advise you further. If it’s a non-SNC account, contact the company via telephone, explain what happened, and have them put the appropriate fraud alerts on your account.

If you only remember one thing...

No one who works at St. Norbert College will ever ask you for your password, and we never send e-mail asking for personal information.

Questions

If you have questions about this information, or if you are ever unsure about the legitimacy of an e-mail message, contact the Technology Support Help Desk at xHELP/4357 or helpdesk@snc.edu.

Printable version of this page