See through phishing and attempted fraud
Email has become the principal tool of cybercriminals. Linköping University is subject every day to attempts to steal information or commit fraud, and it nearly always starts with an email message.
Phishing is often clearly targeted
Attempting to trick someone into sharing sensitive information by sending them a fraudulent email is known as phishing. LiU is more or less constantly the target of phishing attempts. The attempts are often rather easy to see through, but co-workers sometimes receive extremely closely targeted attempts known as spearphishing. These can be extremely difficult to see through.
Be aware when reading email and be suspicious as soon as you are encouraged to visit a website and type in your username and password. The most common attempts are usually pretty obvious: They claim to have been sent by the IT Division, but use the wrong name for it (such as “Liu email team” or “IT Services”). They threaten, for example, that your account will be closed if you do not confirm it. Sometimes, however, a phishing attempt is made that is more difficult to see through. You may receive, for an example a message that says that new functions are available in LiU’s email system, and you can find out more by logging in. The phishing attempt then provides a helpful link, but this is not to the LiU website. It goes to a website with the same appearance that transmits everything you type into it to the criminals behind the phishing attempt.
Frequent attempts at fraud
LiU co-workers are often targets of attempted economic fraud. They are often based on the idea of convincing someone at LiU to make an international payment, and generally have very specific targets. The criminals have investigated LiU’s organisation and use the knowledge to, for example, send an email that appears to come from a manager to a co-worker who, it is assumed, is authorised to carry out the transaction. Some have even telephoned the university and attempted to convince co-workers to make payments. LiU has procedures that make this type of fraud more difficult, and it is important that these are followed.
Spread of malware by email
Email is also the principal method to spread harmful programs (malware) such as encryption viruses. This mainly takes place using two methods: by sending attached files that contain malware, and by sending links to websites that contain malware. Just as with phishing attempts, these messages can be extremely convincing. They may appear to be, for example, invoices, messages from managers or colleagues, package delivery slips, delivery confirmations, or messages from schools, care providers and other public institutions. It is important to be aware and suspicious. After opening an attached file or visiting a website, for example, you should never be asked whether you want to run a program. Otherwise, the only protection is to keep your computer and software updated, and have backup copies of all files.
There are some tests available to test how good you are to recognize phishing online. Try them out:
- SonicWall: "Phishing IQ Test" (test if you recognize phishing emails)
- Phishingbox: "Phishing IQ Test" (test if you recognize phishing emails)
- OpenDNS: "Phishing Quiz" (test if you recognize false websites)
- Barracuda: "Phishing IQ Test" (test if you recognize false websites and phishing emails)
Want to learn more?
Some resources with information on how to recognize phishing:
- Return Path: "10 Tips on How to Identify a Phishing or Spoofing Email"
- Yahoo: "How can I identify a phishing website or email"
- GlobalSign: "How to spot a phishing website"
File a case report with the IT Division if you...
...have been the target of phishing that is in your opinion particularly convincing
...have been the target of attempted fraud, particularly if account numbers or other bank details have been sent to you
...have been the target of an attempt to spread malware that is in your opinion particularly convincing.
Contact IRT in the event of any difficulties
Never hesitate to contact the IT security unit at LiU (IRT) if you are the target of, for example, attempted fraud, phishing or a virus infection. We are fully aware that sometimes things simply go wrong, and we want to help you minimise any damage or problems that arise.
Tel. (013) 281744
- firstname.lastname@example.org (to report spam)
- email@example.com (to report authentic mail erroneously labelled as spam)
- firstname.lastname@example.org (other matters).
Full contact details of the IRT are available here.
Training for your unit, division or work group
The IRT at LiU offers internal training in IT and information security. Take preventative action and learn more about a specific area, or obtain a general review.
Last updated: 2019-02-22