There are many forms of email scam, but one of most common right now is phishing, which is an attempt by a malicious party to trick message recipients into taking actions that will reveal private information (like passwords) or cause malicious software to be installed on the recipient’s computer. Understanding these attempts, learning to identify them, and knowing what action to take when such attempts are made can be crucial to protecting your information as well as Tarleton’s.

Two Techniques: Spoofing and Hacking

Spoofing occurs when a malicious party takes advantage of weaknesses in the Internet email system which enable them to forge the “from” address, allowing the malicious sender to pose as a trusted person or entity and trick the recipient into taking action which might reveal private or secret information or which might cause malicious software to be run on the recipient’s computer. Spoofed messages do not come from or pass through the email system of the forged sender; they just give that appearance.

Hacking occurs when a malicious party has gained access to a victim’s email address and password; for example, via a spoofed message from “[email protected]” or “[email protected]” directing the victim to “validate their email account” by clicking on a link and then entering credentials on a fake, but real-looking, web page. Once the malicious party has the victim’s credentials, he/she/they can login as the victim and send unlimited messages of any kind, to anyone as the victim. The hacker effectively becomes the victim and can perpetrate further scams in the victim’s name with no need to forge or spoof the victim’s address.

If you think an email is a phishing attempt, please contact the Tarleton Helpdesk at [email protected] or calling them at 254-968-9885.

Did the Email Actually Come from Someone That You Trust?

Where did the email originate? Although the from in the following example appears valid, if you look closely, you’ll see that the mailto: is a Gmail account instead. If they don’t match, this is definitely a phishing attempt.

Official email from A&M System components will usually not originate from non-Tarleton accounts. Don’t be fooled by similar spellings, either (i.e. [email protected]).

fakeemail

The From or Reply To email address is a different domain or slightly different spelling than the official email address.

Is This Really the Site That You Wanted?

fakelink

Where will the links take you when you click on them? When you hover your mouse cursor over links in an email, you should look to see whether the displayed link actually matches the text of the link in what you see when you are not hovering over it.

In this case, when you hover over the link address in the email message, you will see a very different link that would take you to an unsecure site. This is a good indication that the email you are viewing is a phishing attempt.

Avoid the Bait of a Phishing Scam

Online con-games are designed to prey on unsuspecting recipients with attention- getting emails that appear to come from legitimate institutions.

Examples include:

  • Financial institutions such as banks, savings and loans, or mortgage accounts
  • A shipping or packaging company that has the words ‘Delivery Failure’ in the subject line
  • A fake email from an FBI Director, CIO or other high-ranking individual
  • A message from “your” help desk or email service asking for account information, passwords or other personal information

The messages may ask you to ‘update,’ ‘validate,’ or ‘confirm’ account or email address information, or will include links that direct you to a site that looks like the actual Web site.

The purpose is to trick you into divulging personal information or to download malicious code that can record all keystrokes including passwords or copy contact list information to scam friends and family or commit other crimes in the your name.

More Information

File a Complaint

Tarleton Rule: Electronic Information Resource Complaints

Recent Phishing Scams

Open each drop-down to see what the most recent phishing scams look like.

From: [email protected]
Date: 12/18/2019
Subject: XXX shared onedrive with you

How are you doing today? Pls can you kindly view the document i sent you using one-drive office and let me have your opinion upon review and analysis.

From: various senders
Date: 12/18/2019
Subject: Shop and Earn More

Shoppers, Inc is now hiring part-time Mystery shopper. Earn $300 to $400 weekly. To apply and read more, click here link that should not be accessed

From: various senders
Date: 12/18/2019
Subject: Help Desk!

This is to notify you all that we are validating active accounts. Kindly confirm that your account is still in use by clicking the validation link below.

Validate Email Account (do not click link)

Sincerely!
IT Help Desk
Office of Information Technology