Q: What's phishing?
A: Phishing is the practice of sending fraudulent emails appearing to come from a legitimate source, such as the IT department, bank, or another trusted resource or business in an attempt to obtain personal information. The targeted information can include items such as usernames and passwords, credit card numbers, social security numbers, or other personal information. These scammers "phish" to see how much info they can "catch."
Q: How does it work?
A: You'll receive an email that appears to be from Hampshire IT, or another seemingly legitimate business or organization. The email asks you to visit a page requiring a login or to reply and provide your username and password or other sensitive information. They can also use malicious software, or “malware,” in an attachment or an infected webpage to attempt to collect data or cause damage. Once they have your information, they can use it immediately or save it to use at a later date. We have seen accounts get taken over and used months after the owners fell for a phishing message by providing their login information.
Q: How can I tell if an email that is claiming to be from Hampshire IT is a phishing scheme?
A: If it asks for you to reply with or "verify" your Hampshire username and password, it's a scam. Period. Hampshire IT will NEVER ask for your username and password. The messages can often sound threatening or urgent. Don't be fooled! Here are some other clues that it's phishing:
- The return address is not a straightforward firstname.lastname@example.org.
- They ask you to reply with your username, password, and other personal information to confirm your account.
- They ask you to go to follow a link to a non-hampshire.edu website that asks for your username and password.
- They claim your account will be deleted or deactivated if you do not provide your username and password.
We do have automated quota and password expiration messages that you can easily verify by visiting the account management pages at password.hampshire.edu. That site will show your password age, quota status and other information and settings for your account. We also post announcements on the Intranet if there is a significant issue.
Q: What do the scammers do with a compromised account or information?
A: The scammers might hijack an email account and use it to send thousands of spam or other phishing messages. They may try to use a phished account to compromise servers and other IT systems. They may try to use your login to gain access to other online accounts including bank, credit, medical, and personnel records, among others. They may use the information to try to steal your identity or for other financial gains.
Q: I fell for a phishing scheme. What do I do?
A: If you replied to a message and provided your information or if you logged into a fake site, you should change your password immediately. The real Hampshire IT department will lock your account if we see suspicious activity. If we disable your account for phishing reasons, you must contact the help desk at 413.559.5418 and verify your identity to regain access. If you realize your mistake before your account is disabled, please change your password immediately and alert the help desk.
Q: I got a message I think is a phishing scheme. What should I do?
A: Don't respond to these messages, don't open any attachments, and don’t follow links. You should check the legitimacy of an email by accessing the school, businesses, or government website directly. You can mark the email as junk or delete them if you determine they are phishing. You can also call a company's customer service line if you are still not sure something is phishing. You can forward particularly well-crafted legitimate-looking phishing messages to email@example.com
for IT staff to evaluate. We use these messages to place blocks at our firewall preventing on-campus users from going to these fake sites or replying to the email. You do not need to forward the messages to individual IT staff members.
Q: What can we do to stop being targeted for phishing schemes?
A: Knowledge and vigilance are two crucial counter-phishing strategies. We need to learn to recognize them, delete them, and move on. Using the information on this page, you will be able to spot some of the most common types of phishing attacks. But that doesn’t mean you will be able to detect every phish. Phishing is continuously evolving with new techniques so we must always stay vigilant.
Here are some more tips to avoid being phished:
- NEVER give your username or password out in an email, not even to us!
- NEVER reply to any email asking for your personal information. Any response will indicate to the sender that they have found a working email address and will continue to try with more phishing messages.
- NEVER click on a hyperlink from an unsolicited email. If you have reason to believe it is not legitimate, DO NOT CLICK ON THE LINKS. If you think it may be legitimate, type it into the web browser yourself. That will make sure you know where you're going.
- NEVER load images in unsolicited mail. Loading the images may trigger a response to the sender that your email account is valid and available to hijack.
- ALWAYS look at the URL in messages. If the hyperlinked address is different from the address that is displayed, the email is possibly phishing.
- ALWAYS be suspicious of messages filled with poor grammar or spelling mistakes.
- ALWAYS be suspicious of messages if you're asked to send money to cover expenses.
- ALWAYS use common sense. If something looks off, there's probably a good reason why.
A Phishing Awareness Campaign by the Hampshire College IT Department