Campus notification: Spyware, phishing, and other email scams

Academic Technology and User Services at Western Washington University sent an email this morning reminding users of spyware, phishing and other email scams:

This message is a friendly reminder that "phishing" emails occasionally get through our spam filtering systems. Phishing emails are designed to install malware (e.g., spyware, viruses) and/or trick people into providing personal and private information -- often requesting usernames and passwords.

The latest example is a message that purports to be from Western Washington University (customer service). The message attempts to get recipients to click on a link that could then infect the users` machines or request personal information. IMPORTANT: if you have clicked on the link, update your virus definitions and run a scan immediately. If you have shared account or personal information, contact the Help Desk or your departmental IT staff right away.

Phishing email messages are designed to look legitimate. You can help protect yourself by following these tips:

  • Do not share your personal invitation electronically (e.g., passwords, PINs, security questions/answers, banking/account numbers, etc.) WWU Information Technology Services will never ask you for your account name and password in an email. Any message that requests such information is bogus. It is also against WWU policy for you to share your password with anyone. A message asking you to change your password through your normal process is very different than a message asking for your password.
  • If you have any doubt about an email message, delete it.
  • Remember that the return address on a message can be "spoofed". This means that that the address you initially see may not actually be the source of the message.
  • Do not open email attachments unless you requested it or are expecting it. Just knowing the sender (or thinking you know the sender) does not make the attachment safe.
  • Do not click on links in a message unless requested or expected. Links often point to malicious code that could install malware on your computer.
  • Be on the lookout for subtle language clues. Often these messages will use language constructs that are not typical.
  • If you have any questions about the content or instructions in a message you should always contact the source of the message. Checking a web page, making a phone call, or creating a new message is always safer than replying to a questionable message.
  • If you have responded to a message with your username and password or other personal information, you should immediately change your password and contact the ATUS Help Desk at x3333, or your local technology support staff.
  •  

Wishing you safe computing.