What is Phishing?
What is Phishing?
Phishing is essentially an online con game, and phishers are nothing more con artists and identity thieves. They use spam, malicious websites, email messages, instant messages, and even phone calls to trick people into divulging sensitive information.
.
Since phishing scams are designed to appear as if they come from reliable sources, it is smart to know the difference between real and fraudulent messages and how to spot some of the clues that a message may be a scam. Watch the video to learn how to spot and protect yourself from a phishing scam. Then read about the common types of phishing scams and tips to help you avoid falling into their trap.
Phishing Video
How to help Delaware Tech's email system (MS Outlook) filter phishing emails
You can help Microsoft learn to filter this by using Outlook’s “report message” feature:
-
- In Outlook (desktop app) open the message in its own window. At the top right, look for a “report message” button.
- In Outlook on the Web, open the email and look across the top of the email window for “Report”.
- In Outlook for iPhone or Android, open email and look for a three-dot menu button. One of the menu options is “report junk”.
In each case, you’ll need to choose whether the email is Junk or Phishing. It counts as phishing if they’re trying to trick you into clicking a link, giving up login info, or sending money. You can still report such email to us at cyber-security@dtcc.edu, it helps keep us in the loop on what’s happening. You should send us the email first, because when you use the process above, it will automatically delete the message for you after reporting.
Common Phishing Scams
Email Phishing Scams
Phishers commonly use real company logos and spoofed email addresses to make their communication seem legitimate. The message entices the recipient to provide information that could be used for identity theft or online financial theft. A phishing message typically includes a link to a fake website or attachment that is designed to mimic the site or document of a legitimate business.
Fake Search Results Scam
Fraudulent companies frequently use paid search ads for their “support services” and can appear at the top of a search results page. These results, which can look like the real thing, can promise offers that seem too good to be true in hopes of luring in a victim. Unfortunately, when you click on the ad, malware may begin to download to your device, compromising the security of your information and adding to your computer woes.
Pop-up Warning Scams
Pop-ups occur when someone is browsing the internet and sees a small graphic or ad appear on their screen. Malicious pop-ups can be terribly intrusive, making it difficult for the user to close the pop-up window. These pop-ups may display a message stating that the computer is infected with malware and offer a phone number for help with removing the malware.
Tech Support Call Scams
Tech support calls are when a scammer calls a potential victim claiming to be from a reputable security company. They claim to have found malware on the victim’s computer and offer a solution by getting the user to install a type of remote desktop software. This allows the attacker access to the computer and install real malware. These scammers will often ask for a fee to “fix” the issue.
Vishing Scams
Vishing is the voice version of email phishing. It is a phone scam in which individuals are tricked or scared into handing over personal information to scammers.
Quick Phishing Tips
Think Before You Click
Never click on a links or attachments in an email or website unless you are absolutely sure of its authenticity. Watch out for shortened links, especially on social media.
Never Give Out Personal Information
Never give out personal or financial information over the internet. Always check the address of the website and be sure it is a secure site that starts with “https“.
Beware of Threats and Urgent Deadlines
Ignore the scare tactics and contact the company separately through a trusted web address or phone number.
Verify a Site's Security
Make sure the website’s URL begins with “https” and there should be a closed lock icon near the address bar. You can also check the site’s security certificate as well.
Browser and Operating System Up-to-date
Security updates are regularly updated for web browsers and operating systems in response to security loopholes phishers and other hackers exploit.
Use Anti-Virus Software
Use of a good Anti-Virus can help guard against known technology workarounds, loopholes, and websites. Be sure to keep this up-to-date as well.
More Tips to Avoid Phishing Scams
Download a print version (PDF) of this page with additional information and tips about Phishing.
What to do if You've Been Scammed
- Change your passwords on your computer as well as any financial institutions and any other password-protected websites that you visit should be updated.
- Run a Full System Scan for viruses on your computer.
- Contact your bank to report that you may have been the victim of fraud.