Phishing: Don't Get Hooked
With ever increasing amounts of phishing attempts and other threats, your Texas State Information Security team is hard at work, providing education, tools, and tips, to keep you safe.
What is Phishing?
Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
What To Do If You Think You've Been Phished
Report any phishing emails you received to your txst email to firstname.lastname@example.org
What information are they after?
E-mail spoofers are commonly trying to get the following information:
- PIN numbers
- credit card numbers
- CCV codes (the 3-5 digits on the back of the credit cards)
- ATM/debit or credit card information
- social security numbers
- banking information (account number, routing number).
Email Tips and Tricks
- No reputable organization will ever ask you for confidential information via e-mail.
- Never respond to an e-mail from a source you are not 100 percent sure of. When in doubt, call them.
- Never be afraid to call the company. If they want your information, they should be able to take it over the phone.
- Always check the authenticity of a Web site before you provide any of your personal information.
- Never click on a link in a suspicious e-mail because it may take you to a malicious site. Open a new browser window and type in the link manually.
- Phishing e-mail will often have a sense of urgency. ("Your account will be closed if you don't..." etc.) They may also contain strange words, misspelled words or unusual or awkward phrasing to help them avoid SPAM-filtering software.
- your employer
- help desk personnel
- IT organization
- vishing (Phishing via Phone)