Protect Yourself from Fraudulent Emails
July 2008 | By Bill English & Damon Armour
Information Technology Services is committed to protecting the online privacy of ASU users; therefore, the following information is designed to help you protect yourself from fraudulent email and password capture scams.
ITS does not send emails requesting user names, passwords, or other account information, nor will users be asked to verify or change personal information that is already on file without first displaying the existing information.
Be alert to suspicious emails.
Fake or spoofed emails will often look legitimate. They may include references to the university, other trademarks, logos, and/or links to realistic-looking web pages. Never rely on the name in the “From” field as this is easily altered.
Spoofed emails often invite you to re-verify account or personal information and are often initiated by the spoofing party without any action on your part. Ask yourself, Does the email:
- seem out of place, or is it a response to a question I posed to a legitimate person;
- create a sense of urgency or have time limits which I did not expect;
- contain spelling or grammar errors;
- contain offers for prizes or awards that are not expected;
- contain links to strange websites or websites whose names and URLs as displayed contain misspellings or don’t match;
If the answer to any of these questions is “Yes,” the email may be suspect. Treat these potentially fraudulent emails with the same caution as you would if a stranger approached you on the street and asked for your username and password.
If you are suspicious of an email or communication you receive, contact the ITS Help Desk at 706-737-1482 for assistance on verifying the legitimacy of the email. If the email is found to be fraudulent, the Help Desk will advise you appropriately.
These attempts at compromising your personal information will not only be on your work-related emails, but may be on your home email as well. Treat them with the same level of caution, and if you are unsure why a sender, for example PayPal or your bank, is asking you to reply to an email with your information, contact the sender in your customary manner in order to seek verification. Never use the reply feature of any suspicious email.
The Federal Trade Commission (FTC) is an invaluable resource for answers to questions related to email fraud/phishing and identity theft.
For details on phishing, visit http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm; for details on ID theft, visit http://www.ftc.gov/bcp/edu/microsites/idtheft/; and a great resource on information security can be found at http://onguardonline.gov/index.html.