Phishing
Phishing and related scams are when cyber attackers attempt to trick or fool you into doing something you should not do. Often these scams are sent as emails, but they can also try to trick with you text messaging, phone calls or on social media. Anytime someone is creating a tremendous sense of urgency and rushing you to take an action, or someone is promoting an offer that is too good to be true, this is most likely an attack.
Phishing emails often attempt to use emotional triggers to get you to react quickly without thinking through whether you should respond, such as dire language about time limits, loss of service, penalties, or language targeting a desire for money. They often have grammar, spelling, and syntax errors, and phrasing that a native speaker would not use.
An example would be an email with a generic greeting warning of a change in an account requiring you to verify your account information. These emails typically include directions to reply with private information or provide a link to a web site to verify your account by providing personal information such as your name, address, bank account numbers, Social Security numbers, or other sensitive personal information.
-
Name and email address don’t match
-
Urgency of action to be taken
-
Attempt to prove legitimacy using words such as ‘Official’
-
Uses a real organization or company name but incorrect email address
-
Poor grammar
-
Unsolicited requests for personal information are a clear danger signal
-
Misspellings
-
Never send passwords, bank account numbers, or other private information in an email.
-
Avoid clicking links in emails, especially any that are requesting private information.
-
Be wary of any unexpected email attachments or links, even from people you know.
-
Look for ‘https://’ and a lock icon in the address bar before entering any private information.
-
Have an updated anti-virus program that can scan email.
For Staff forward the email to ITHelp@smc.edu or for students StudentITHelp@smc.edu. This is extremely helpful as we have tools to block the sender and remove the scam from other employee inboxes.
What Should I Do If I Have Been Scammed by Phishing?
-
Change your SMC (Santa Monica College) login credentials
-
Change login and password for any personal accounts that share the same password such as:
-
-
Online banking
-
Personal email
-
Online purchasing (PayPal, Amazon, eBay, etc.)
-
iTunes account
-
Social media (Facebook, Twitter, blogs, etc.)
-
Online backup service or file sharing (Dropbox, Mozy, Carbonite, etc.)
-
-
Do not use the same password for your SMC account that you use anywhere else. Can't remember them all? Consider using a password manager to manage all of your personal passwords (we recommend LastPass - it's free).
-
Contact the abuse or fraud department of the service being impersonated (eBay, PayPal, etc.)
-
Email ITHelp to let us know.
-
If you suspect a bank or credit card account may have been compromised, contact that institution to check your account immediately and request a credit report.