Nova Southeastern University

In brief, a 'phishing' email is one that pretends to be from a company or bank like eBay, PayPal, WAMU, Suntrust etc, and which asks you, (for various reasons), to enter your account data, such as login details. These scams are often supported by fake spoof websites, and victims are tricked into thinking they are logging to a real website. Phishing is a form of identity theft, where fraudsters steal your identity and personal information to gain access to your accounts or commit other crimes using your persona. Generally, phishing emails are usually sent from spoofed addresses.

Spoofing is the part of any form of communication (electronic or physical) whereby the sender inserts/attaches false identity contact information to the communication.

As an example, you receive an email from your bank saying that there is a problem with your online account and need to verify your account information or your account will be suspended. You click on the link at the end of the email and get a log in page that looks exactly like your banks. If you enter your log in and password, you have just given the crooks complete access to your bank account.

If you do receive a scam email, you should not click on any of the links it contains or believe anything it says. Ideally you should delete it straight away, but it would be useful if you submit it to us and to the bank or institution it is targeting.

You should act immediately. Depending on how much information you revealed, you should log into your relevant accounts and change your usernames and passwords. This will stop the fraudsters accessing your accounts with the information you sent them. Contact your banks and financial institutions and make them aware of the situation in case of problems. They should also give you further help and advice.

You may wonder how the scammers got your address or knew you were a member of a particular bank or institution. Often it is just good luck on the part of the scammers. They normally do not target individuals, but send out thousands of scam emails to randomly generated email addresses, in the hope that just a few will be successful. They also trawl the web for valid addresses they can use, and swap this information with each other. If you have ever posted on an internet forum or published something on the web, there's a good chance your address is out there somewhere just waiting to be found. If you have fallen victim before, your address is normally added to a list of 'easy victims', and you are likely to then receive even more scams.

The golden rule is that banks and other institutions NEVER ask for personal data by email. If in doubt, you can forward the email to the supposed sender and ask them if they sent it, but make sure you type in the return address by hand. Additionally, NEVER click on the links found in these messages. If you need to log into your account, open a new web browser and manually type the URL for the site into the address window. Do NOT cut and paste.

The Office of Innovation and Information Technology currently utilizes a hosted solution from Proofpoint Enterprise Protection System to filter potential spam email before it is delivered to the user. Proofpoint is a commercial grade anti-spam solution. Messages are evaluated first to identify if they originated from a from mail systems previously identified as possessing questionable reputation. Messages are further checked against a local database of characteristics and signatures for known spam patterns. Currently, over 95% of all messages received by the NSU email scanners are identified to be spoofed, spam, viruses, scams, or phishing messages. These are deleted and so do not get to the users Inbox. The detection of malicious messages is still not an exact science, and so occasionally, legitimate messages can get marked as malicious. OIT makes every effort to only delete malicious messages and so when the reputation of a message cannot be determined with 100% certainty, it is allowed through to the user. This is because OIT prefers to allow a message that it cannot classify with certainty as malicious rather than delete a legitimate message.

For more information on Proofpoint Enterprise Protection System and to review information on malicious messages, please visit http://splog.nova.edu.