Fall Phishing expeditions
Published: 8-5-2013 8:00 am
I thought I would take a moment to send the semi regular reminder about
phishing attempts. We've seen two or three varieties already this fall and many
of you have forwarded them to our office to let us know - thank you for your
A few telltale signs of a phishing attempt:
1) The e-mail asks you to respond in e-mail with your username and
password. A legitimate entity will NEVER ask you to turn your password over to
them in e-mail (or frankly in any way other than logging into the system as you
2) The e-mail comes from an e-mail address outside the organization.
3) There is a "click here" link in the e-mail to resolve the issue. While
this can sometimes be legitimate, you are always better off entering the URL
directly into your browser. For example, let's say you get an e-mail from
"Your credit card has been disabled click here to resolve the
The best practice is to go directly to the website for your credit card
company (in this case www.citibank.com
and NOT click on the link in the e-mail. If the e-mail is legitimate,
you'll get the same notice as you log in that was in the e-mail. If it isn't
legitimate and you click on the link in the e-mail and login, you have just
given your username and password to a site which was NOT your credit card
company's site (but may look very much like it).
Thanks for your vigilance in watching out for phishing attempts and
protecting your passwords!
Sent from my iPad