{"id":17126,"date":"2020-07-13T14:18:17","date_gmt":"2020-07-13T18:18:17","guid":{"rendered":"https:\/\/www.uvm.edu\/it\/dev\/kb\/?post_type=ht_kb&p=17126"},"modified":"2023-03-13T10:45:50","modified_gmt":"2023-03-13T14:45:50","slug":"managing-online-safety","status":"publish","type":"ht_kb","link":"https:\/\/www.uvm.edu\/it\/dev\/kb\/article\/managing-online-safety\/","title":{"rendered":"Managing Online Safety: Phishing and Spam"},"content":{"rendered":"

This guide contains information on detecting fraudulent online communications, mitigating the damage of a successful phishing or spam attack, and preventing future security breaches.<\/p>\n

What is Phishing?<\/h2>\n

Phishing is the fraudulent attempt to obtain sensitive information, or data, such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, phishing often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site. (Wikipedia<\/a>)<\/p>\n

Spam and Phishing attacks are the most common security concern that you will encounter in daily operations. While UVM does employ email filters<\/a> to help mitigate this issue, it is important to be able to identify and protect yourself from online fraud.<\/p>\n \t\t

\r\n \t\t\t

Examples of Phishing Attempts<\/h3><\/div>\r\n \t\t\t
\r\n \t\t\t\t
\r\n \t\t\t\t\t<\/p>\n

These are some common examples of phishing or spam attempts. If you see a communication that looks like these, please take extra precaution.<\/p>\n

\"\"<\/a>
An attempt to steal UVM credentials. This email links to a page impersonating UVM and asking for your information.<\/figcaption><\/figure>\n<\/p>\n

\"\"<\/a>
A fraudulent job offer. Emails like this are meant to entice recipients to give out personal information in hopes of receiving money or a job. Note that the sender’s name and email address do not match.<\/figcaption><\/figure>\n<\/p>\n

\"Unsolicited<\/a>
An unsolicited marketing email. This particular email links to a form requesting your contact information. Never give out your personal information to a site that you do not recognize. Note that this particular message has been labeled as potential spam by UVM’s filter system.<\/figcaption><\/figure>\n<\/p>\n

\n \t\t\t\t<\/div>\r\n \t\t\t<\/div>\r\n \t\t<\/div>\r\n \t\t\n \t\t

\r\n \t\t\t

Potential Consequences<\/h3><\/div>\r\n \t\t\t
\r\n \t\t\t\t
\r\n \t\t\t\t\t<\/p>\n

The consequences of a successful phishing attack can vary greatly in severity – from only requiring a password change, to requiring that you contact your bank to cancel credit cards or a governmental institution in the case of a stolen Social Security Number.<\/p>\n

Phishing attacks are a serious threat to the individual and to our institution. They are regularly successful in stealing information from politicians and other important figures, along with causing grave breaches in organizations like hospitals.<\/p>\n

For some context on how serious the results of an attack like this can be, see the following articles:<\/p>\n