Phishing Scams and Spam

Be skeptical and avoid phishing scams.

Always be skeptical, especially of things that are free. Chances are, you didn't just win a lottery without buying a ticket, and a foreign oil magnate is not going to give you ten million dollars for laundering his money. These types of "phishing scams" are spreading more frequently and are becoming more intelligent.

Scammers send email claiming to be from a bank or some other trusted online institution and beg, cajole, or threaten us to give them our account numbers and PINs. They even can include links to webpages that look exactly like the real thing. If you ever receive a message like this, and you think it may be legitimate, bring up your web browser and type the URL that you are already aware of for the company. Don't trust the email message to contain any valid information, and don't follow links to modify your online accounts.

When you're downloading free software from the Internet, make sure you read the fine print. Often companies are give away "free" services or software on the condition that you agree to have all of your Internet activity monitored and the results sold.

Even though CUIT carefully maintains filters that prevent most spam from reaching inboxes, phishing scams are more likely to get through. These messages look very legitimate to scanning software. If you'd like, you can set up a personal spam filter online that is less tolerant than the one used by the whole University. 

CUIT filters out executable and archived (or "zipped") attachments that contain executables, so it's extremely unlikely that a virus will ever be sent to your Columbia account. Other accounts on other servers, however, do not take this step. For this reason, always be suspicious of file attachments that are sent to you, even if you know the person sending it. Many worms will send themselves to everyone on a given machine's contact list. Others misrepresent their origins by changing (or "spoofing") the email address of the sender.

Instant messenger networks are vulnerable to worms spreading through file attachments or links to infected websites. If you are presented with a file or a link, even if it is from someone you know, and you weren't expecting it, send a message back to get confirmation that it's safe.

