RIT Information Security Alert: Important Message Phish

RIT Information Security Alert: Important Message Phish

 

RIT email users have received another phishing attack that mimics an RIT official message. PLEASE DON'T CLICK ON THE LINK AND PROVIDE YOUR INFO! You'll receive many of these phishing attempts throughout the academic year. We won't be able to warn you about all of them.

If you've received a message with the Subject Line: RIT: Important Message, do not click on the link. Here's the text of the message:

How do you know this is a phishing attack?

  • RIT does not send out emails with links to enroll your email accounts. 
  • If you hover your cursor over the link in the message, you'll note that the link included in the email does not link to an RIT address, although part of the link is very similar. (We've removed the link from this example. The link actually goes to a website in Sweden.) 
  • The phish uses a common technique of trying to impart a sense of urgency to get you to supply the requested information before you've had time to consider the request. (If RIT was making a change of this nature, you would have received information through RIT Message Center, among other official channels.)
  • For more information about Phishing, please visit the RIT Information Security Phishing page.

What RIT is doing to protect you

  • RIT is working to block the phishing/malware attacks from reaching RIT e-mail accounts.
  • myMail.rit.edu has not been compromised.
  • Antivirus software with up-to-date virus definitions will protect against viruses and many other threats that may be associated with phishing emails. (McAfee Antivirus software is available free to RIT students, faculty, and staff for home use from http://www.rit.edu/its/services/security/).
  • MySpam will block many of these phishing e-mails. However, senders actively modify messages to avoid spam traps like Brightmail, and that allows a few to slip through.

What you can do to protect yourself

  • Delete the e-mail. If you clicked on the link, change your password NOW, scan your systems for viruses and spyware,  and report the situation to your IT support (SCOB, NTID, ITS Service Desk, etc.).
  • Visit the RIT Information Security Phishing page at http://www.rit.edu/security/content/phishing for information on keeping yourself safe from phishing attempts.

Remember: RIT will NEVER ask for your password through e-mail.

December – Scams & Hoaxes

The last month of 2014 has arrived. December is full of joy because the holidays’ spirit is around all month. There is a long break from classes and its Christmas time! Unfortunately, this is also the reason why it’s become scamming season as well. The generous nature of these holidays makes all of us the perfect target of scams and hoax.

Beware of Good Ole Scammer Claus! 

As we head towards holiday shopping season, remember that there are many scammers trying to trick you into revealing credit card numbers and other Private information--information that can be used for Identity Theft. As part of their attempts, we're seeing an increase in phishing attempts--many disguised as free gift cards or delivery confirmations.

Follow these guidelines to help ensure your Private information (and your money) stays secure on the Internet.

No-Click November

It’s November again. Cyber Security Awareness month (October) just passed but that doesn’t mean that we don’t have to keep practicing all the online safety tips we learned; quite the opposite actually, now that we have gotten more informed about online security, we must implement those tips daily and share our knowledge with everyone that surrounds us.