Phishing

The Wikipedia definition of phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites (YouTube, Facebook, MySpace, Windows Live Messenger), auction sites (eBay), online banks (Wells Fargo, Bank of America, Chase), online payment processors (PayPal), or IT Administrators (Yahoo, ISPs, corporate) are commonly used to lure the unsuspecting.

Unfortunately, “phishing”, with its first documented attack back in 1967, is increasingly occurring and methods to thwart these incidents include legislation, user training, public awareness, and technical security measures. At CCRI, IT would never request any account information from any constituents through an electronic means. If it looks like a valid request from any organization for any confidential information, be skeptical!

Hackers today have extremely sophisticated methods of providing an appearance that you would swear would be the “real’ thing. Spoofing banks, credit card companies and other payment processors is easier than ever for them. Thousands of these spam-like messages are electronically dispersed every day to unsuspecting victims who willingly comply because it seems like the right thing to do. The IT department at CCRI urges you to never give or share your CCRI account information to or with anyone. We ask that you inform us of any attempt to obtain this information from you by anyone, whether appearing to be on- or off-campus.

Phishing is one of the primary means of electronic theft identity and you can help to stop it.

Have you had any experiences with hackers phishing for your account?