Spacer
Spacer
BGSU
HomeAcademicsAdmissionsThe ArtsAthleticsLibrariesOffices
Spacer
Spacer Spacer
Top Nav   Office of the Chief Information Officer
Cross Hatch

Office of the Chief Information Officer

Welcome

About Us

ITS - Information Technology Services

IMS - Instructional Media Services

Student Tech

Office of Web Development

BG@100

Projects and Strategic Initiatives

Quick Reference

Newsworthy

Feedback

Office of the CIO Policies

Fraud Notice

CIO-Alerts and CIO-Inform email & PGP Public Keys
No Banner
Spacer Connect October 2004 Security Article Spacer
 

Identity Theft Scams Are Growing Concern

Social engineering is a time-tested technique of tricking someone to reveal private information such as financial data, company secrets or access to a computer system.   A technology-enhanced version of social engineering is called phishing and it is one of the fastest growing scams that can lead to identity theft.   The technique exploits an individual’s lack of knowledge about technology or procedures, or catches busy people reacting to a situation without thinking.  

 

Phishing is pronounced “fishing” and is often used via email to harvest personal information.   To create an illusion of trust, the email may contain graphics, logos or other customer service data.   The goal is to gather account usernames, passwords, and credit card and Social Security numbers.   Research data suggests that 5 percent of victims respond to these email requests for personal information.

 

According to the Anti-Phishing Working Group, Citibank was the leader in phishing imposter emails in June, followed by eBay and U.S. Bank.   The sharp increase in phishing activity this year suggests links to technology savvy organized crime.   As phishing scams increase in sophistication, so may the difficulty in spotting a forgery.  

 

The best defense against phishing is knowledge and a little skepticism.   Look for the following signs when reviewing email:  

 

Legitimate companies do not initiate contact:   Just because you receive an email appearing to come from a company you do business with, such as eBay, does not mean that it is authentic!   The majority of legitimate companies NEVER initiate contact with you and request personal or financial information view email.  

 

Spoofed or forged “From” email addresses:   Over 90 percent of reported phishing emails do not originate from where they appear.   Many also use slightly altered email addresses such as support@verifityvisa.org to appear legitimate.   The previous email address is from an actual phishing example and is not affiliated with the Visa organization.  

 

Do not reply or click on web address links:   Clicking on these links in phishing emails may direct the user to another site to harvest personal or financial information.   One real example is http://signin.ebay.com but further examination revealed no affiliation with eBay.   Often these sites may actually be located in other countries, which can hinder law enforcement measures.  

 

Look for misspellings, inaccuracies or poor grammar:   These suggest a forgery and can be clues to stop and critically review the email for authenticity.  

 

ADDITIONAL PROTECTION

 

Use virus protection and apply recommended operating system security patches:   Phishers capitalize on system flaws and viruses.   Keeping your system up-to-date will not only help protect it but may help a victim identify a phishing scam in progress.  

 

Review bank statements and credit card information:   Look for unusual transactions and report discrepancies immediately.  

 

Contact the company by phone (but not by using numbers in a suspicious email).

 

More information about phishing and avoiding identity theft can be found at www.bgsu.edu/its/security/advice/tips/page11128.html.

 

  
Spacer
 
Spacer Spacer
Spacer
Spacer
Spacer
Spacer
Bowling Green State University  |  Bowling Green, OH 43403-0001  |  Contact Us  |  Campus Map  |  Site Map  |  Accessibility Policy (PDF Reader)
Spacer