Phishing for Links
Recently, E-town was the target of a major phishing scam. Many users failed to recognize the misleading link in the email. Links in emails can present problems in two major ways: they can be infected with malware that can damage your files, and they can be phishing attempts to gather your information for potential identity theft.
Corrupt and infected links can release malware that will automatically download onto the device as soon as you click the link. When malware is detected on the network, your account may be suspended. This can take some time to resolve. Don’t put yourself at that risk, and learn to spot these hazards.
A phishing link might also redirect to a page that asks for your username and password or other information. Giving account information to phishers could lead to identity theft. Phishers can use this information and put the entire E-town network at risk.
Never click on a link in an email. An in-text link, or hyperlink, is one that uses a word or phrase instead of showing the URL. For example, the link might say “Go to Google and search for cats wearing hats” with Google linked instead of displaying the URL.
A hyperlink could reroute you anywhere. To avoid any misunderstanding, copy the URL then paste it into the browser rather than just clicking on it. This allows you to see where it will go without following it yet. Phishing attempts can come from someone you do not know or from a contact in an email you were not expecting.
If you encounter a link anywhere and you aren’t sure where it goes, you can see the URL without actually following the link. In most browsers, you are able to you hover over the link with your mouse to see the actual path for the link, not just the in-text parts.
If that doesn’t work, you can right click on the linked word or phrase and copy the link into a Word document to examine it more closely. How you copy the link may vary based on the program or web browser you are using. For example, in Microsoft Office Word, you might click “Copy Link” or “Copy link location” depending on the version of the application you are using.
If you are using a phone or mobile device, you can tap and hold on a link until an options window appears. The link will appear at the top of that options window where you can confirm the destination of that link.
Before you follow a link, examine it VERY carefully. Is the whole address, especially the extension at the end, correct? Perhaps you thought it would go to “etown.edu” but really it says that it will go to “etown.edu.co.” That is not the same place, and that is a pretty common sign of a phishing scam. If it is going where it said it is, then you are safe to paste that URL into your web browser and follow the link. If it goes somewhere else, do NOT open the link. It might be a phishing scam. Forward that email to mailcop@etown.edu.
Be cautious on the web and always be on the lookout for phishing scams. For more tips on spotting phishing scams, check out our Phishing Scams are Getting Smarter article.
As always, if you think you have received a phishing email, forward it to mailcop@etown.edu. If you have or think you have been the victim of a phishing attempt, call the ITS Helpdesk immediately at X3333 and change your password.