Phishing Scams

Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company or person and asks you to provide sensitive information (passwords, account numbers, etc) or direct you to fake websites. A few clues can help you spot fraudulent email messages or links within them.

  • They might appear to come from Williams, your bank or financial institution, a company you regularly do business with, or from social media sites. They might include official-looking logos and other identifying information taken directly from legitimate websites, and they might include convincing details about your personal history that scammers found on your social network. They might include links to spoofed websites where you are asked to enter personal information.

  • If you have to ask, it probably isn't real! Most of the time, anything that looks like a scam is one. To be sure, you can check the following:

    1.  Check the email address:
      NEVER FORGET: It is easy to spoof the From: address in an email. Hover your mouse over the email address. Does the From: address match the Reply-To: address? (If not, beware.) Is it a valid email address for someone who might send you such an email?
      Did the person in question actually send the email? If you are not 100% sure, contact them in a separate message or by phone to find out!
    2.  Check the link itself BEFORE clicking on it:
      Emails can contain links or forms that you can fill out just as you would fill out a form on a legitimate website. Phishing links that you are urged to click in email messages, on websites, or even in instant messages may contain all or part of a real company’s name and are usually masked, meaning that the link you see does not take you to that address but somewhere different, usually an illegitimate website. Hover your mouse over the link. Does the actual link match where it is supposed to go?
      For example, a link you think should go to “www.microsoft.com” could instead appear as www.micosoft.com, www.mircosoft.com, or www.verify-microsoft.com, none of which is the actual web page; each is the scammer's site instead. If you are on a mobile device, check the email on your computer before clicking the link.
    3.  What are they asking for?
      Phishing emails often start out with “your account has been used to send spam” or “we are doing maintenance on our webmail system” – then they ask that you reply with your username and password. There will never be a reason to give anyone your password by email – honestly.
    4.  Check grammar and formatting:
      Phishing emails often have grammar mistakes or just don't sound right when you read them.
    5.  Check if it is a valid email from OIT:
      OIT will NEVER, EVER ask for your Williams Username/Password. Official OIT emails will have "OIT-EPH-NOTICE" and the date in the subject line.

    Examples: [screenshots of two sample phishing emails]
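    The From/Reply-To comparison, the hover-the-link check and the look-alike domain spotting from steps 1 and 2 above, as an added example that is not part of the original OIT page: it parses a raw message and reports each mismatch it finds. The TRUSTED allow-list, the 0.8 similarity cut-off and the sample message are assumptions made for this example.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED = ("williams.edu", "microsoft.com")  # assumed allow-list for this example
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def _host(s):  # host of a URL, bare domain or email address, lower-cased
    s = s.strip().rpartition("@")[2]
    return (urlparse(s if "://" in s else "//" + s).hostname or "").lower()

def lookalike(host):
    """Trusted domain that host embeds or is a near-typo of, else None."""
    host = host.lower()
    if host in TRUSTED or host.endswith(tuple("." + t for t in TRUSTED)):
        return None
    label = host.split(".")[-2] if "." in host else host  # e.g. 'micosoft'
    for t in TRUSTED:
        name = t.split(".")[0]
        if name in host or SequenceMatcher(None, label, name).ratio() >= 0.8:
            return t
    return None

def triage(raw):
    """Warnings for one raw message; an empty list means no check fired."""
    msg = message_from_string(raw, policy=policy.default)
    sender = _host(parseaddr(str(msg["From"]))[1])
    reply = _host(parseaddr(str(msg["Reply-To"] or msg["From"]))[1])
    found = [] if sender == reply else [f"From {sender} != Reply-To {reply}"]
    hosts = [("From", sender)]
    body = msg.get_body(preferencelist=("html", "plain"))
    for href, text in LINK.findall(body.get_content() if body else ""):
        host = _host(href)
        hosts.append(("link", host))
        if "." in text and " " not in text and _host(text) != host:
            found.append(f"link shows {text} but really goes to {host}")
    for kind, host in hosts:  # sender domain plus every link target
        if lookalike(host):
            found.append(f"{kind} domain {host} imitates {lookalike(host)}")
    return found

SAMPLE = """\
From: "Williams OIT" <helpdesk@williams-edu-support.com>
Reply-To: recover@example.net
Content-Type: text/html

<p>Click <a href="http://www.verify-microsoft.com/login">www.microsoft.com</a></p>
"""  # constructed sample, not a real message
```

    Running triage(SAMPLE) returns four warnings: the Reply-To mismatch, the link whose visible text hides a different target, and the two look-alike domains.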

  • COVID-19 Related Scams:

    Scammers often use current events as a lure to exploit public fears. Be wary of any messages that appear to come from the government or official agencies, especially if they contain links or attachments. Emails offering "health advice", vaccinations or home test kits are most likely scams. More info and examples:

    https://www.consumer.ftc.gov/features/coronavirus-scams-what-ftc-doing

    https://us.norton.com/internetsecurity-online-scams-coronavirus-phishing-scams.html

    Gift Card Scam:

    This scam is a little trickier. Note that the scammer will use the legitimate name of a person in authority who works at your organization. However, that is where the similarities end. The email address (although it may look similar) is from outside your organization.

    It starts off innocently enough – "Are you available?"
    Once you reply, they will often say they are in a meeting and can’t get to the phone. They may say that they need you to buy hundreds of dollars in Amazon or iTunes gift cards, with the promise they will pay you back. However, they are not your boss, but a scammer impersonating your boss. Once they have your money, they cease contact.

    When replying to an email, remember to ensure that it is in fact coming from that person's address and not another one. When in doubt, email their actual address, or even call them to be sure.

    Extortion Scam:

    Several high-profile websites were compromised over the last few years, so scammers now have access to a wide variety of usernames, account names and password data. The scammers claim to have used your password to install something on your computer, to watch you through your webcam and to have your contacts. They then threaten to release the video and password info unless you pay up. In reality, the scammers here don’t know your current passwords, do not have any such video, and have not installed anything on your computer. The passwords they mention are most likely passwords that you used years ago on a site and have since changed. Other than an account name and an old password, the scammers have nothing.

    Fake Job Application:

    Here a scammer is usually out to harvest your personal information. They will email you a job offer that is often too good to be true. There is no job; they just want you to reply to the email with your information. Stick to a prospective employer's website or legitimate third-party job posting sites such as Indeed or Monster.

    Money, Bank or Lottery Scam:

    The money scams are a common type of phishing known as advance-fee fraud. One of its most common forms is a message claiming that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. They often include references to big companies, such as Microsoft. There is no Microsoft Lottery. They will then ask you to send a check to cover the “processing fees”.

    Beware of any email that says you need to pay first to receive money. If you have genuinely won a payment, claiming it is never contingent on you sending money first.

    Verify Your Account Scam:

    This scam starts with an email pretending to be from IT. It will tell you that your account is inactive, or is about to become inactive, if you do not "click here" to log in. The scammer may even go as far as copying the logo and look of the Williams (or another company's) login page. The link, of course, is not real. They are hoping you will enter your credentials for them to steal.

    Businesses should not ask you to send passwords, logon information or user names, Social Security numbers, bank account numbers, or other personal information through email.

  • If you have submitted your password to a phishing site or email, here are the steps you will need to take ASAP: http://oit.williams.edu/help-docs/security/phish-recovery/

    This may be a good time to review the security settings on your Google Account. Do you have 2-step verification turned on? To check, visit your Google Account settings by clicking the circle at the top right and selecting "My Account". Under the "Sign-in & Security" section you can set up 2-step verification.

  • You may forward suspicious emails to spam@williams.edu to notify OIT of a suspected phishing attempt, or use our online form. The types of emails that are of highest concern are those that ask the recipient for information, such as login details.

    When you do recognize a phishing email, it helps to report it directly to Google so they can analyze and block it more quickly. From the Gmail interface in a web browser, choose "Report phishing" from the drop-down menu next to Reply.


    Reporting the email to us is important as well so we can start our internal security procedures.

    Thank you for your assistance!