Phishing Scams

Tips for avoiding phishing scams:
(attempts to capture your username & password)

  1. No legitimate service will ever ask you to send them your password or go to a web page to “confirm” it. Systems administrators have access to your information and do not need you to supply it. Delete these messages.
  2. If you get a message that appears to be from your bank or credit card company do not follow the link in their e-mail. Log into their site yourself or call the toll-free number on your credit card to verify.
  3. Any attachment sent to you that ends with “.exe” should be avoided like the plague. Did you really get a postcard or did you get postcard.exe? Trash it before it trashes your computer. Links may attempt to hide the type of file, so verify the link before downloading anything.
  4. Do not unzip and run a zipped file without verifying what it is. Ever.
  5. If you are using Zimbra’s web mail client you can scan the first line of a message before you open it. If it looks like nonsense then it is probably spam at best. At worst it has a link to malware (software’s evil cousin) or a phishing site.
  6. If the email was sent to “undisclosed recipients” that may be an indicator of spam depending on the context.
  7. Another tell-tale sign of spam or scam is extremely poor grammar in the message.

Also, while not directly affecting your computer, 99.99% of the virus warning messages you get from friends and family via e-mail are hoaxes. Surefire indicators of hoax material are if they say it was verified by Microsoft, CNN, or McAfee and that you should forward it to everybody in your address book. When in doubt about the veracity of anything you receive in e-mail whether it is a virus warning or information about [fill in the name of any politician here] check a site such as before forwarding it along. They are pretty good at vetting these things.

If you are at all unsure of anything you receive in your inbox and it isn’t covered above, just contact us for advice.