Hook, line, sinker. That’s the motto of a savvy group of hackers using an increasingly popular scam called phishing–of which the Towson campus has been a target.
Phishing deceives you into disclosing your credit card numbers, bank account information, Social Security number, passwords or other private information so that hackers can gain access to your financial records or accounts, often leading to credit card fraud, identity theft and financial loss.
Hackers “spoof” e-mails, Web sites and pop-up ads to make them appear as if they are being sent from a reputable source, such as your bank. Logos, Web graphics and links are used to mislead recipients.
In the worst case scenario, you could become a victim of identity theft, which is the fastest growing crime in the United States. With the sensitive information obtained by a phishing scam, hackers could take out loans, obtain credit or obtain a driver’s license in your name.
In the past few months, the Office of Technology Services has identified more than three cases of phishing on campus. Phishers sent Towson University account holders e-mails claiming to be from SunTrust Bank, Washington Mutual, Inc., and First Federal Internet Banking. Users should keep up-to-date with Daily Digests and OTS Alerts (http://alerts.towson.edu) as OTS will inform the campus of phishing incidents there.
To help safeguard against phishing, OTS and University Police recommend following this advice:
* Never reply or click any links in the body of unexpected e-mails requesting account, billing or other personal information.
* Contact companies through a legitimate phone number or address if you are unsure about the information requested.
* Before submitting financial information through a Web site, check to see if the Web site is using encryption, which will be indicated by a lock icon in the browser’s status bar at the bottom of the window.
* Review credit card and bank statements regularly. If you unknowingly supplied personal or financial information to a phishing scheme, contact your bank or credit card immediately.
* Report suspicious e-mails to the Federal Trade Commission at {uce@ftc.gov}.