Tip:
Highlight text to annotate it
X
You get an email that appears to be from the Accounts department.
It says "We're updating our databases. Please send us your user ID and password."
Although the message looks real, it's an attempt to get you to give away your information.
Welcome to Phishing Scams - Simply Speaking.
Randomly guessing a well-formed password can take a very long time.
Instead, people who want to steal your information try to trick you
through email messages that look important.
This is a form of social engineering.
Someone is trying to push your buttons to make you respond.
And it works.
Every year over five million people in the U.S. fall victim to phishing scams.
Some of these messages look like security or technical notices.
They'll say things like your account is about to go inactive,
they're trying to stop a virus, or your mailbox is full.
They look like they come from a legitimate sender,
but no one should ever ask you to send a user ID and password through email.
Other scams attempt to get your attention by talking about money.
Maybe there was a problem with your bank account.
Maybe you won money in a contest that you didn't know you'd entered.
Even better, a member of royalty in a distant country needs your help
accessing their inheritance, and will give you a hefty commission.
All you need to do is give them your bank information.
The email messages themselves may not ask you to respond with your personal information.
They may include a link to a form that will collect it.
In the email, the link will look like a legitimate address,
but if you put your mouse over the link,
it'll show you that the link takes you to somewhere else.
That's a warning sign.
If you send your information, you'll quickly find that your accounts will be used for malicious purposes.
They'll use your email account to spam your family and friends.
The real computer security staff will lock your account.
That will remove your ability to access other systems, like online classes,
grades, the library, and course registration systems.
If you give away your bank information, you'll see mysterious new charges
and possibly loans taken out in your name.
That could quickly lead to debt and a bad credit rating.
So what do you do if you send your information and have concerns that you just made a mistake?
First, change your password to something completely different.
Never go back to using that password again.
Second, contact your local information technology security unit.
They'll be able to help you figure out what else you can do to protect your accounts.
This has been Phishing Scams - Simply Speaking.
To get more information about this topic,
visit the Be-Safe Web Site at its.psu.edu/be-safe.
This video was produced by Penn State University
and is available under a Creative Commons license.