Phishing: What you need to know

Phishing at UNL

Phishing Explained

Phishing is an attempt to get you to provide personal information to unscrupulous persons. They try hard to deceive you with fake emails and web sites that look very real.

The Phisher’s Goal

The phisher wants to obtain information about you that you wouldn’t normally disclose, such as login and password information, home address, or social security number. If your email address and password are known to phishers, they will log in to your email account immediately and attempt to gain access to your other internet services such as bank and credit accounts. They can use “I forgot my password” services on web sites to change your account passwords and even your home address. They might then drain your accounts or order new credit cards to be sent to your “new” home address.

How They Do It

In the good old days, email was just plain text and attachments. Many years ago it became possible for email programs to display email that is formatted in web page code. These “HTML” emails can contain hypertext links with any text in any font, color, etc. For example, blue underlined text reading “https://login.unl.edu” or “Click MY ACCOUNT” and appearing to be a normal web link could actually go to some place like “http://sender.ed-u.tk/link.php?M=1627&N=15&L=2&F=H”. This was a real case on January 30. The phisher’s web site was an exact replica of UNL’s login.unl.edu web site, but it was in fact a phony. Anyone who entered information on this fake site gave up their Active Directory (email) information to the scammers.

How to Tell If an email Is a Phishing Scheme

Whenever you receive an email that wants you to click and log in, you need to determine the actual web address. You can click on the link and try to see the address in your web browser, but this is dangerous, as rogue web sites can trigger background downloads or run malware that takes advantage of out-of-date Java and Flash services. It is better to hover your mouse pointer over the link you would otherwise click. After a couple of seconds you should see a box showing the actual link. You should see well-formed addresses like “https://login.unl.edu” or “https://trueyou.nebraska.edu/idm/user/login.jsp”. If the URL does not match the organization that is supposedly contacting you, you should be suspicious. Contact the IS Help Desk.

If You Logged into a Phishing Site

Immediately change your passwords! Call the IS Help Desk at (402) 472-3970. Also change your banking passwords and other email account passwords such as Gmail, Outlook.com, etc.