Phishing email messages, websites, and phone calls are designed to steal money or information. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer. Cybercriminals also use social engineering to convince you to install malicious software or hand over your personal information under false pretenses. They might email you, call you on the phone, or convince you to download something off of a website.
Here is an example of what a phishing scam in an email message might look like.
Spelling errors and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam. For more information, see Email and web scams: How to help protect yourself.
Beware of links in email. If you see a link in a suspicious email message, don't click on it. Rest your mouse (but don't click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's web address.
Links might also lead you to .exe files. These kinds of file are known to spread malicious software.
Threats. Have you ever received a threat that your email account would be closed if you didn't respond to an email message? The email message shown above is an example of the same trick. Cybercriminals often use threats that your security has been compromised. For more information, see Watch out for fake alerts.
Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows.
Can you spot a phishing email? Take this short quiz to find out.
To avoid phishing scams, never click the links provided within these types of email messages. If you feel the message may be legitimate, go directly to the company's website by typing it in your browser or contact the company by phone to see if you really do need to take the action described in the email message. Delete the email message from your Inbox, and then empty it from the deleted items folder to avoid accidentally accessing the fraudulent web sites it contains.
If you use Internet Explorer as an internet browser, you should enable the Phishing Filter. This feature enables a portion of the web browser to change colors to signify that the page you're on is a known phishing site.
Firefox has a similar feature. To turn on this feature go to: Tools > Options > Security. Check Block Reported Attach Sites and Block Web Forgeries.
If you do fall victim, tips for damage control are available on the Phishing Web Page.
For avoidance tips, more info and examples try these sites:
You can report these phishing scam attempts to the company that's being spoofed.
We've heard all of the excuses – "Everyone is doing it so the authorities will never single me out for prosecution." "I didn't know I was doing anything wrong!" "I'm not hurting anyone." "My roommate said making a backup was okay." "There wouldn't be a place on the web to download it if it wasn't okay."
The bottom line is unless you own the copyright; you can't copy or share it without permission. That includes music, videos, software or textbooks from the Web. If you do it, it is stealing and it is just as illegal as shoplifting. It is against the law and against the Appropriate Use of Information Technology Policy and the Copyright Regulation Policy .
It's just not the Auburn way.
I believe in honesty and truthfulness, without which I cannot win the respect and confidence of my fellow men...
I believe in obedience to law because it protects the rights of all...
And because Auburn men and women believe in these things, I believe in Auburn and love it.
- George Petrie (1945)
(excerpts from The Auburn Creed)
Auburn University is obligated to enforce the Digital Millennium Copyright Act (DMCA) – and it's the right thing to do. To protect you and Auburn University, peer-to-peer (P2P) file sharing is not accessible via our wireless network, AU_WiFi. File sharing web sites and applications, including those that share illegal audio and video files, are blocked to prevent copyright violations. Legal methods to download music on the Internet will continue to be accessible.
Auburn University has received complaints from the owners of copyrighted works being pirated by users in the on-campus residential community and AU is held accountable for the actions of these students. The University and the employees or students committing the violations could be held liable for damages. When accessing download-able digital resources off-campus you'll have to let your conscience be your guide. So, no excuses – don't download copyrighted material without permission!
"Everyone is doing it so the authorities will never single me out for prosecution."
In the recent past there have been a number of students wearing orange and blue who thought the same thing. They were wrong. Legal action was filed against these Auburn University students by the Recording Industry Association of America (RIAA). It's no joke. In the last few years, Auburn received hundreds of legal notices of violations.
Criminal penalties for first-time offenders: up to five years in prison and $250,000 in fines.
Civil penalties: thousands of dollars in damages and legal fees from $750 up to $150,000 PER SONG.
"I didn't know I was doing anything wrong."
This is one excuse that will be too little, too late after you're caught! It is your responsibility to educate yourself and ensure you aren't violating the law. These are examples of violations of the Digital Millennium Copyright Act (DMCA) from www.musicunited.org:
Somebody you don't even know emails you a copy of a copyrighted song and then you email copies to your friends.
You make an MP3 copy of a song because the CD you bought expressly permits you to do so. But then you put your MP3 copy on the Internet, using a file-sharing network, so that millions of other people can download it.
Even if you don't illegally offer recordings to others, you join a file-sharing network and download unauthorized copies of all the copyrighted music you want for free from the computers of other network members.
In order to gain access to copyrighted music on the computers of other network members, you pay a fee to join a file-sharing network that isn't authorized to distribute or make copies of copyrighted music. Then you download unauthorized copies of all the music you want.
You transfer copyrighted music using an instant messaging service.
You have a computer with a CD burner, which you use to burn copies of music or videos you have downloaded legally onto writable CDs for all of your friends (that's the illegal part).
"I'm not hurting anyone."
According to the Institute for Policy Innovation, global music piracy alone causes: $12.5 billion in economic losses every year and approximately 71,060 lost jobs In the U.S.
It's having a very real and harmful impact on countless musicians, songwriters, performers, recording engineers, record-store clerks, and the public.
You could be hurting yourself too. The US Department of Homeland Security says file sharing makes you vulnerable to virus infection, attacks, and exposure of your own personal information: www.us-cert.gov.
"My roommate said making a backup was okay."
Section 117 of the Copyright Act grants permission to make an "archival" or backup copy of software you purchased legally, but does NOT give you the authority to make a backup copy of other material like music or movies or other copyrighted works that have been downloaded (http://www.copyright.gov/ help/faq/faq-digital.html). You can make limited backups of music downloaded legally, under some circumstances. Check the Terms of Service for the source of your legal download for specific details.
"There wouldn't be a place on the web to download it if it wasn't okay. "
Really? Do you believe everything you read on the Internet?
Laptops, smartphones, and removable storage drives enable us to get information on the go. We no longer have to be tethered to our desks to check our email, surf the web, or access files and information. Advances in wireless communication have made communication mobile, but also made it easier for the unscrupulous to access our personal information. Unless you secure your mobile data against loss, theft and unauthorized access, you are vulnerable.
Login to TigerMail online and go to Options > See All Options > Phone and select your device. Choose Wipe Device. Wait ten minutes, then contact your wireless provider to disable the phone.
If you were using your phone to check any email account via IMAP, change your password for that account. This will not remove the existing email from the phone, but it will prevent future nefarious usage of the account(s).
If you are an employee on the Blackberry Enterprise Server (BES) follow these steps:
Don't reverse these steps. Once the phone is disabled, OIT won't be able to access it to perform step #1.
People in Auburn have embraced the use of wireless networks. Unfortunately, online predators know this too. Using unsecured wireless networks can leave you computer, phone and handheld devices vulnerable to attack. Here are some tips when using a wireless network:
Be smart!! Most security risks and scams can be easily avoided if you use a little common sense.
Please display these promotional items during National Cyber Security Awareness Month. All items are provided by the Office of Information Technology and are free of charge to use as print items. All promotional items must be used in the manner intended. Reproducing all or part of any promotional items for uses other than intended is prohibited. If you have any questions, please contact firstname.lastname@example.org.