IT Security Alerts and Advisories 

Phishing for Passwords

There have been a number of recent email-based "phishing" attempts in which recipients are requested to provide their login credentials.  While many of these campaigns look obviously suspicious, some have been very carefully crafted so as to appear to be genuine.

Please be advised that IT Services will never request users to divulge their login information via email.  If you are the recipient of such an email request, please ignore it and delete it. 

If you suspect that you may have been a victim of such a phishing attempt, you should change your password immediately.

 For more information on phishing, see the following article entitled Anatomy of a Phishing Attempt.


Following Email Links

Clicking on links in unsolicited email is like accepting candy from strangers.

Phishing attacks largely rely on luring people to follow links that lead them to malicious or compromised sites.

Often, an unfortunate consequence of clicking on these links is the downloading and installation of malicious software such as Trojans and worms – all without the victim even knowing it. 

The best practice is to not open email from unknown senders.  Period.

Even with mail sent by friends or family, caution should be used when clicking on embedded links.

As for links contained in unsolicited email:  treat them like tainted candy.






Twitter Facebook Linkedin Flikr UFV on Google+ YouTube goUFV