OIS Says Don’t Take the Bait

OIS Says Don’t Take the Bait

IMAGE|


Due to a recent uptick in phishing attacks here at ATU, the Office of Information Systems has been working to educate students, faculty and staff of the increasingly sophisticated tactics that cyber attackers use to gain personal information.

Phishing is a type of cyber-attack that uses deceptive emails, text messages or websites to try to gather personal information, such as account credentials, financial details or any other sensitive information. Most of the time, the person behind the phishing content is presenting as a reputable company (banks, universities, etc.) in order to trick people to give them their information.

The “golden rule” when it comes to dealing with phishing is to never give away any information to the attacker, especially if you’re still not sure if it’s legitimate or not. Reputable organizations will almost never request sensitive information over email, especially if the request is unprofessional, unprompted and urgent. Attackers often try to create a sense of urgency, and trick you into acting fast to claim a reward or avoid a bad situation. 

Before you click the link, pause and scrutinize the email. If you do get to the point of inputting your information, check to make sure the URL of the website is credible and matches the organization requesting information from you. 

 

Tips to help identify phishing:

  1. Be cautious with email links and attachments, especially if you do not know who it is coming from. 
  2. Verify the sender’s credibility by double checking the email address, and cross reference it with known and trusted contact information. 
  3. Be aware of emails sent from external senders, or from addresses outside of the university or organization. 
  4. Scrutinize all email content. Look for spelling and grammar mistakes, unusual requests that involve sensitive information or requesting money in any way. 

 

Sensitive information includes social security numbers, addresses, phone numbers and other emails, date of birth, debit card, credit card, and bank account information, username and passwords and security question answers, as well as sending out a Duo Push code.

When in doubt, always err on the side of caution. You can always reach out to the Campus Support Center at (479) 968-0646, or visit Ross Pendergraft Library 150, to verify the legitimacy of any suspicious emails you receive.