NC State email accounts are constantly being targeted with advanced phishing attacks to steal your personal information such as account names, passwords and banking and credit card information. These phishing attacks can be extremely damaging to you and the university.
Phishing attacks are typically associated with email, and most are implemented when you click on a link to malicious online content – often a webform designed to trick you into thinking you are entering information into a trusted website such as Facebook, PayPal or an NC State site. These attackers will often perform reconnaissance (via a simple Google search) on a specific target (person) and then craft a sophisticated pretext to increase the likelihood of their success.
For several years, email accounts at NC State have been targeted using advanced phishing attacks. Attackers have made perfect copies of just about every login page on any ncsu.edu website and then sent thousands of emails enticing campus users to visit them. These sites include the MyPack Portal and the NC State Shibboleth and Google Docs login pages. Phishing emails sent to @ncsu.edu accounts have included a great deal of information about the university. They have referenced:
- North Carolina State University
- NC State logos, banners and template graphics
- Shibboleth logins
- OIT (Office of Information Technology)
- Unity username
- Names in the campus directory
- Support@ncsu.edu or firstname.lastname@example.org
- Google Apps for Education
Why is protecting your email account and password important? The ncsu.edu domain has been around a long time and is trusted on the Internet. An email message sent from your account is less likely to be tagged as spam, so it will get delivered to the target’s inbox. Sustaining phishing and spamming operations seems to be the most common reason for phishing attacks.
Here are a few tips to help you identify a phishing email:
- Look for urgency
- If the message urges you to take action right away or suggests dire consequences if you don’t, it’s probably a phishing attempt.
- Examine images and company logos carefully
The more sophisticated phishing emails will often contain logos or images that have been stolen from the website of a legitimate company or faked to look like the real thing. Or the email itself may look like a website.
- Verify a company’s contact information
A URL or link in a phishing email may contain a familiar company’s name and appear to be legitimate. Hover over a link to view the whole URL and verify it is going to where it says it is going. You can also make sure you are contacting that company by going to its website another way (for example, by typing its legitimate address in your browser or selecting it from your browser’s bookmarks). If you don’t know the address, use a search engine to find the company’s website. If you are on a mobile device or tablet, be sure you know how to hover over a link to see the actual address of that website. Generally, this is done by clicking and holding the link and the actual URL will appear.
- Check the “from:” field in a suspicious email
- The information in the “from:” field of an email can be falsified. Look carefully and compare the sender in the “from:” field with the one in the email signature. If there are any differences, be wary.
- Pay attention to spelling and grammar
Misspelling and poor syntax are typical of many, but not all, phishing emails.
- Beware of pop-up forms
If a pop-up box appears in an email and requests that you enter information, it is likely to be a phishing attempt. Pop-up boxes are not a secure means to transmit information.
- Be cautious about attachments
A phishing email may also include an attachment that could contain spyware or some other electronic threat. Never open an attachment, even from someone you know, unless you’ve verified that it’s safe.
Please remember NC State IT personnel will never ask you for your password via email or telephone. They do not need it for maintenance or upgrades.
To learn more about phishing, including ways to recognize it, prevent it, report it, and what to do if you suspect you’ve been phished, visit Phishing. If you are not sure if an email is phishing, err on the safe side and contact the NC State Help Desk at email@example.com or 919-515-HELP (4357).