Monday, April 20, 2015

Email Phishing Attacks - When to be suspicious and what to do before clicking that link.....

It's no secret that phishing attacks are happening more frequently and becoming more complex.  ITS reposted a Google alert in the fall showing how phishing attacks occur and what attackers do once they've obtained access to your account:

A series of messages received over the weekend has generated a lot of questions to the ITS Client Services Helpdesk asking "Is this Legit?".  As with most messages, the message contained a warning about email quota or account security and was supposedly from "The Helpdesk".  The messages also directed users to click on a malicious link in an attempt to capture their account information.

If you receive a suspicious message, please contact ITS to verify authenticity before providing your account credentials or any personal information. 

A copy of one of these messages is below:

Clicking the link brings users to an unbranded page with some generic wording and solicits the username, email address, and password of the user:

Take a moment to run through Google's Security Checkup. The Security Checkup will insure that recent activity on your account is legitimate, that the add-ins accessing to your account are legitimate, and that the forwarding addresses that have been configured in gmail are legitimate:

If you see any strange account behavior, do not hesitate to contact us at: or (718) 862-7973