P is for Phishing: Email Scams and Protecting Yourself
Posted October 31st, 2008 at 4:20 pm. Last updated November 2nd, 2008 at 5:23 pm.
As you may have been hearing around campus and/or seeing in your own email, we have been receiving a number of emails claiming to be from Computing which ask for your username and password. Some of them also ask for other personal information. These are known as Phishing scams.
What is Phishing?
Phishing is a type of identity scam, typically in email, which attempts to collect some type of personal information in order to gain access to your accounts, financials, personal data, or other pieces of your identity. The word is a play on “fishing” because the spammers are fishing for your personal information.
Phishing attacks do not just happen here at Bryn Mawr; you will also receive them in other email accounts you have, and some may come in the form of Internet pop-ups.
Those most recently received at Bryn Mawr are focused on collecting email passwords with the intention of taking over (or compromising) email accounts. In the past, we have received a number of other types of scams.
What can happen if my email account is compromised?
- The “Phisher” who has your password will have full control of your email account, meaning that not only can they read your email and collect additional personal information from it, but they can also delete or redirect valid emails, change settings, and access your address book.
- Compromised accounts are often used to send out thousands of additional spam and phishing messages.
- If compromised College accounts are being used to send spam, the entire College can be affected both by email server slowdowns, and by brynmawr.edu being identified as a spammer, causing emails from *any* Bryn Mawr address to be blocked from sending to other institutions, and to major providers like Gmail, Hotmail, Comcast, Verizon, etc.
- Having this password and access to your email account can, by a number of methods, allow the phisher to collect additional information about you and/or purport to be you, leading to further identity fraud. In extreme cases, this could have a personal financial, credit-based, or legal impact.
How do I protect myself and the College?
- Never send any of your passwords or other personal information via email, or enter your password into a field inside an email message. Bryn Mawr Computing will never ask you to give or send us your password, especially via email. Most Internet Service providers (Earthlink, Comcast, Verizon, etc.), email services (Yahoo!, Google, etc.), and ALL financial institutions have the same rule, as do Haverford and Swarthmore.
- Messages from Bryn Mawr Information Services, especially about Computing-related issues, will *always* be signed with the name and title of one or more people. If you receive a message where the name is not familiar, or the message does not conform to this standard, feel free to verify with the Help Desk or check the Computing Web site.
- Look closely at the “from” or “reply to” address on the message for outside or mismatching domain info or other suspicious naming. If the message is from “brynmawredu@myadminstuff.com” rather than from a brynmawr.edu address, the message is definitely a fraud.
- If you attempt to open a message and receive a virus warning (even if the message claims to be from a friend), delete the message as it is a fake. This is especially true if the message claims to be a greeting card or something similar. If you are not sure, contact that friend and ask if they have sent you that type of message.
- Never open an attachment which looks suspicious or which you were not expecting to receive.
- If you have multiple email addresses, think about whether you expect the organization claiming to be contacting you to be using the address where you received the email. For example, if your Bank of America, Paypal, and Ebay accounts usually use your Yahoo! address, then emails received at your brynmawr.edu address are likely to be fraudulent.
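The “from” and “reply to” check described in the list above can also be run over a message's full headers. The following is an added example, not part of the original post or any College tool; the `BRAND_TOKENS` list, the function names, the Reply-To address, and the second sample message are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

TRUSTED_DOMAIN = "brynmawr.edu"           # domain the post says genuine mail uses
BRAND_TOKENS = ("brynmawr", "bryn mawr")  # assumed strings an impersonator borrows

def parse_addrs(msg, header):
    """Return (display_name, local_part, domain) for each address in a header."""
    out = []
    for name, addr in getaddresses(msg.get_all(header, [])):
        if "@" in addr:
            local, domain = addr.rsplit("@", 1)
            out.append((name.lower(), local.lower(), domain.lower()))
    return out

def is_trusted(domain):
    """Exact domain or a real subdomain; 'brynmawr.edu.example' does not pass."""
    return domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)

def check_sender(raw):
    """Return a list of findings for one raw message (headers plus body)."""
    msg = message_from_string(raw)
    senders = parse_addrs(msg, "From")
    findings = [] if senders else ["no parsable From address"]
    for name, local, domain in senders:
        if not is_trusted(domain):
            findings.append(f"From domain outside {TRUSTED_DOMAIN}: {domain}")
            if any(t in name or t in local for t in BRAND_TOKENS):
                findings.append(f"College name used with outside domain: {domain}")
    from_domains = {d for _, _, d in senders}
    for _, _, domain in parse_addrs(msg, "Reply-To"):
        if domain not in from_domains:
            findings.append(f"Reply-To domain differs from From: {domain}")
    return findings

# Constructed samples: the spoofed From address is the one quoted in the post;
# every other address and all message text are made up for illustration.
SUSPECT = (
    'From: "Bryn Mawr Computing" <brynmawredu@myadminstuff.com>\n'
    "Reply-To: accounts@webmail-upgrade.example\n"
    "Subject: Confirm your password\n\nSend your username and password.\n"
)
CLEAN_HEADERS = (
    'From: "Staff Member" <staff.member@brynmawr.edu>\n'
    "Subject: Scheduled maintenance\n\nSigned with a name and title.\n"
)

if __name__ == "__main__":
    for label, raw in (("suspect", SUSPECT), ("clean headers", CLEAN_HEADERS)):
        print(label, check_sender(raw) or "no sender findings")
```

An empty result only means these header checks raised nothing; the From line itself can be forged, so the other checks in the list still apply.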
What if this has happened to me?
If you have responded to an email asking for your password, please change your password immediately, and change the passwords for any accounts which may use the same password.
If you feel your account has been compromised, or you have reason to believe that your computer may have been infected by an email-borne virus, please contact the Help Desk immediately at 610-526-7440.
We always report any spam or virus traffic we can identify to our anti-spam service to help them improve their filtering. If you identify some, please feel free to send it to spam@brynmawr.edu. Please include full headers (if you need assistance with this, the Help Desk can help).
Where can I get more information?
The following sites have further information on phishing specifically and on identity fraud and email scams in general:
- http://www.brynmawr.edu/is/isir/documents/QuickTips-PasswordSafety.pdf
- http://www.swarthmore.edu/informationsecurity.xml
- http://www.haverford.edu/acc/protect/
- http://www.microsoft.com/protect/yourself/phishing/identify.mspx
- http://security.yahoo.com/article.html?aid=2006111501
- http://www.occ.treas.gov/consumer/phishing.htm
- http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm
- http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt089.shtm
- http://www.onguardonline.gov/topics/phishing.aspx
- http://www.microsoft.com/protect/yourself/phishing/spear.mspx
- http://www.antiphishing.org/
- http://www.ftc.gov/bcp/edu/microsites/idtheft/
- http://www.antiphishing.org/consumer_recs.html