Safe Computing @ Andrews

When Internet criminals impersonate a business to trick you into giving out your personal information, it’s called phishing. Do not reply to email, text or pop-up messages that ask for your personal or financial information. Don’t click on links within them either—even if the message seems to be from an organization you trust, like Andrews University—It is not! Legitimate businesses don’t ask you to send sensitive information through insecure channels.
Malicious email typically uses urgent language, asks for passwords, bank account numbers, user names, credit card numbers or other personal information; and may have grammatical, typographical or other obvious errors.

• Spear Phishing: Scam, Not Sport  |  Norton
• Phishing  |  OnGuardOnline.gov
• Recent Phishing Emails at Andrews University
• Take this "phishing" quiz from OnGuardOnline.gov
• Report phishing attempts. If you suspect an email to be a phishing attempt, forward the entire email to helpdesk@andrews.edu.

What happens if I am scammed?
If you think you gave personal information in response to a phishing email or on a suspicious webpage, your account may be compromised.

• Change your Andrews password. go to Vault, sign-in to My Account, then select Change Your Password.
• Carefully review any online accounts that became vulnerable as a result of responding to the email message.

Report Possible Phishing Scams and IT Security Incidents
If you have received an email that you believe is a potential phishing scam, it is important that you report the incident(s) as soon as possible so that work can begin to investigate and resolve them. Forward the suspected phishing email to the ITS Helpdesk at helpdesk@andrews.edu. IT security incidents include but are not limited to items listed in 1:762:10 General Guidelines of the Andrews University Computers & Networks Policy.

Still Not Sure?
The following links are well-known services to check domains for reports of phishing, scams and spam email. They let you search for websites and domains that have been reported by others as being good or bad.

https://community.opendns.com/domaintagging/
https://www.mywot.com/en/scorecard
http://www.phishtank.com/

• Set up your spam filter. Search online for various tutorials concerning instructions for your email client.  Andrews University uses a spam filter by Microsoft.  For more information, see Manage Spam Emails at Andrews.
• Block unwanted instant messages. Spam attacks instant messenger as well, so set up your spam filter on your messaging client.
• Block Images. Pictures sent through email can be modified to communicate with the sender. Spammers use the info to find active email addresses so prevent pictures from downloading until you’ve read the message. Check your email User’s Guide to learn about this feature.
• Only share your primary email address with people you know
• Set up an email address dedicated solely to web transactions
• Watch out for pre-checked boxes. When you buy or download online, companies sometimes pre-select check boxes to trick you. Make sure to read all check boxes and uncheck anything you don’t agree with.
• Delete junk email messages without opening them. Some emails contain hooks that capture your email address when you open the email.
• Don’t reply to spam emails. Be wary of messages that include a link to "remove me from this list."
• Don’t give out personal information in an email or instant message.
• Think twice before opening attachments or clicking links in e-mail or instant messages. Viruses can attach themselves to email and infect your computer when you click on them.
• Don’t buy anything or give to any charity promoted through spam. Spammers often swap email lists. So, buying something from spam mail may result in your name being passed to another spammer resulting in even more spam being sent directly to you.
• Don’t forward chain email messages. You can easily lose control of who sees your email address and further provide your email address to additional spammers.
• Report abusive, harassing, or threatening email messages to Student Life and Campus Safety.
• Report phishing scams or fraudulent emails to the company who was misrepresented by contacting them directly.

Our office recommends the following free software for effective anti-virus and anti-malware protection:

• Malwarebytes
• Windows Defender  |  Built-in to Windows 8.1 and 10

• Malwarebytes
• Sophos