BU Information Security Presents: Phishing

--A few important words brought to you as part of Information Security Awareness Week Most people think they know about spam and phishing, yet every day someone at Boston University falls for a common email scam and has their account compromised. Here are a few simple tips to avoid being hooked by a phisher: 1. If the email asks for your password, it is a scam. Delete it. 2. If the email is about a financial account you donít have or an order that you donít know anything about, it is almost certainly a scam. 3. If you feel you must check out something sent to you in email DONíT CLICK THE LINK. It is completely possible to make a link lie to you. Instead, use your browser to go to the known and trusted website by typing in the URL/Web Address yourself. For example, take this link: http;//www.google.com/ If you click this, it will not take you to Google, it will take you somewhere completely different. Scammers use this trick all the time to trick you to going to malicious websites. 4. You can tell where a link is going to take you by hovering over it with your mouse. Donít click. Hover. If you do this for the link above you will see yahoo pop up in a box by your pointer or in a space at the bottom of your email client or browser. General rule: if the email message is lying to you about where it wants to send you, it is a scam. 5. Forward scam emails to abuse@bu.edu and then delete them. If in doubt, call the IT Help Desk (Charles River Campus (617) 353-4357, Medical Campus (617) 638-5914). For more information visit: bu.edu/infosec/howtos/how-to-avoid-phishing/ (The above link was sent in clear text and is pointing to a domain you trust, bu.edu. But if your email client made the link clickable, you should still get into the habit of not clicking it, but copying and pasting the link into your browser.)