Phishing

Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, Social Security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince some recipients to respond to them.

Please remember that Duke will NEVER ask for your password or information about your account in an email.

How good are you at recognizing a phishing attempt? Carnegie Mellon's Usable Privacy and Security Laboratory has developed an educational game, Anti-Phishing Phil, that tests your ability to identify fraudulent emails and websites: http://cups.cs.cmu.edu/antiphishing_phil. The Anti-Phishing Working Group also publishes consumer advice on avoiding phishing scams: http://www.antiphishing.org/consumer_recs.html.

The IT Security Office recommends that users forward phishing emails, with their full headers, to the OIT Service Desk (help@oit.duke.edu). The full headers matter: the From line is trivially forged, while the Received chain and Return-Path show which mail servers actually handled the message. The OIT website has instructions for revealing full headers in most common email programs.

Spear phishing is targeted phishing, often aimed at executives and employees with access to confidential data. Be wary of any email that asks you to reply with account information or to click a link, especially if the message is written to sound urgent. Be suspicious of impersonation as well: an urgent request for money that appears to come from a colleague or friend should be confirmed through a completely different communication channel (if the request arrives by email, call the supposed sender to verify).
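
As an added example (not part of the original Duke page and not OIT tooling), here is a small Python script showing what a responder reads out of the full headers mentioned above, together with the link check that catches the lures described in the spear-phishing paragraph: it compares the From domain against Return-Path and Reply-To, walks the Received chain back to the originating hop, and flags links whose visible text names one host while the href points to another. Both messages embedded in it are constructed for illustration (made-up hosts and RFC 5737 documentation addresses); the "From domain should appear in the earliest hop" rule is a heuristic of this example, not a rule Duke publishes.

```python
import re
from email import message_from_string
from email.policy import default
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample modelled on the "Re-Confirm" subject line seen on campus;
# every address, host name and IP is made up, not a real Duke message.
SAMPLE_PHISH = """\
Return-Path: <bounce@mail-relay.example.net>
Received: from mail-relay.example.net (mail-relay.example.net [203.0.113.10])
\tby mx.duke.example (Postfix) with ESMTP; Wed, 14 Mar 2012 09:12:01 -0400
Received: from [198.51.100.23] (unknown [198.51.100.23])
\tby mail-relay.example.net with SMTP; Wed, 14 Mar 2012 09:11:58 -0400
From: "Duke OIT Service Desk" <help@oit.duke.edu>
Reply-To: <oit-verify@webmail-support.example.org>
To: <user@duke.example>
Subject: Your DUKE Login Needs To be Re-Confirm.
Content-Type: text/html; charset="utf-8"

<p>Your account will be suspended. Re-confirm at
<a href="http://198.51.100.23/duke/login.php">https://oit.duke.edu/login</a></p>
"""

# Constructed benign message for comparison: From, Return-Path and origin hop agree.
SAMPLE_LEGIT = """\
Return-Path: <help@oit.duke.edu>
Received: from mail.oit.duke.edu (mail.oit.duke.edu [203.0.113.20])
\tby mx.duke.example (Postfix) with ESMTP; Wed, 14 Mar 2012 10:00:00 -0400
From: "OIT Service Desk" <help@oit.duke.edu>
To: <user@duke.example>
Subject: Your ticket has been updated
Content-Type: text/plain; charset="utf-8"

Reply to this message to add a comment to your ticket.
"""

def domain_of(header_value):
    """Lower-case domain of the first address in a header value, '' if absent."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()

class _LinkCollector(HTMLParser):
    """Collect (href, visible text) for each <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def analyze(raw_message):
    """Return the indicators a responder reads out of full headers and body."""
    msg = message_from_string(raw_message, policy=default)
    from_dom = domain_of(msg["From"])
    rp_dom = domain_of(msg["Return-Path"])
    reply_dom = domain_of(msg["Reply-To"])
    findings = []
    # Return-Path is the envelope sender; it is rarely made to match a forged From.
    if rp_dom and rp_dom != from_dom:
        findings.append(f"Return-Path domain {rp_dom} differs from From domain {from_dom}")
    # A Reply-To elsewhere sends the victim's reply to the attacker, not to the From address.
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    # Each relay prepends its own Received header, so the last one is the origin hop.
    hops = [re.sub(r"\s+", " ", str(h)) for h in msg.get_all("Received", [])]
    earliest = hops[-1] if hops else ""
    # Heuristic (this example's, not a Duke rule): genuine mail usually originates at the From domain.
    if from_dom and earliest and from_dom not in earliest.lower():
        findings.append(f"From domain {from_dom} does not appear in the earliest Received hop")
    # Compare what each link says with where it actually goes.
    link_mismatches = []
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = _LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            href_host = (urlparse(href).hostname or "").lower()
            text_host = (urlparse(text).hostname or "").lower() if "://" in text else ""
            if text_host and text_host != href_host:
                link_mismatches.append((text_host, href_host))
                findings.append(f"Link text shows {text_host} but points to {href_host}")
    return {"from_domain": from_dom, "return_path_domain": rp_dom,
            "reply_to_domain": reply_dom, "earliest_hop": earliest,
            "link_mismatches": link_mismatches, "findings": findings}

if __name__ == "__main__":
    for name, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, analyze(sample)["findings"] or ["no indicators"])
```

Run it as-is to see the indicator list for both samples; on a real message, pass the full raw source (headers included) to analyze(). A From/Return-Path mismatch on its own is not proof of phishing, since mailing lists and legitimate bulk senders produce it routinely, which is why the forwarded headers go to a person at the Service Desk rather than to a filter alone.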

Update: March 2012

Duke’s Office of Information Technology (OIT) and the Duke IT Security Office (ITSO) have seen a tremendous up-tick in the number of email scams coming through campus email systems. Subject lines seen in recent samples include:

  • Subject: ACH transfer error
  • Subject: Important Notice!!!
  • Subject: Your Amazon.com order of "Omron <RANDOM NUMBER> Fat Loss ..." has shipped!
  • Subject: Your DUKE Login Needs To be Re-Confirm.

While the anti-spam appliances catch a large portion of these messages, and we are adjusting filters to help limit the spam from getting through, some messages may continue to show up in your inbox.  As such, here are several recommendations for protecting yourself.  

  1. Do NOT click on any links in suspicious messages.  The links in the messages referenced above may lead to sites that try to install malware on your computer.
  2. If you get an email message that looks to be a scam, please visit the Sophos site for instructions on how to upload the message.  Doing so means that Duke’s anti-spam appliances have better information on what to mark as spam or scam. (http://www.sophos.com/support/knowledgebase/article/23113.html)
  3. If you have a DukeMail account, you can refer to this page for instructions on how to set up a filter to send spam/phishing messages to a Junk Mail folder: http://www.dunk.duke.edu/rkm/viewdoc.jsp?doc=4926&type=?&user=Self%20Help
  4. If you have a University Exchange account, you can refer to this page for instructions on how to set up a filter to send spam/phishing messages to a Junk Mail folder: http://www.dunk.duke.edu/rkm/viewdoc.jsp?doc=4348&type=?&user=Self%20Help.

The Duke ITSO has published a short blog post with other warnings about email scams over the holiday season, along with a short phishing game to test your knowledge of scam websites: http://security.duke.edu/holiday-phishing-warning-quiz. University email users should contact the OIT Service Desk for additional information or help at http://oit.duke.edu/help/. Duke Health System email users should contact the DHTS Help Desk for additional information or help at http://helpdesk.dhts.duke.edu/.