
Identifying Malicious Emails

What to Do If You Clicked on a Link

If you clicked on a link or button in a scam email and entered your Ohio ID and password into the resulting site, you should change your password immediately. If you need assistance changing your password, contact the IT Service Desk at 740-593-1222 or servicedesk@ohio.edu.

Phish Bowl

Phish Bowl is a new tool designed to promote phishing awareness. Phishing is the top social attack on businesses, responsible for more than 90% of security breaches. There is no concrete way to prevent phishing attacks, meaning awareness is our strongest line of defense. As wide-impact phishing messages are reported, they will be posted on the Phish Bowl along with a verdict and a date. Phishing messages come in a variety of formats. Be sure to check out the types of phishing messages to see common phishing attempts the University receives.

Identifying Phishing Attempts

Phishing is when internet attackers impersonate someone or something you know to get you to disclose sensitive information, such as your password or credit card information. Anything from your bank routing information to whether you have an account with a particular service is valuable to the criminal. While not every unsolicited email is a phishing attack, it should be inspected for other suspicious elements that may help you identify whether it is legitimate. A good rule of thumb is to ignore and delete the email if it has two or more of the following suspicious elements.

Our video, Spot the Signs of Phishing, provides useful information about recognizing phishing emails.

Signs of a Phishing Message

  • Unsolicited. Don't trust emails you weren't expecting to receive that ask for information.
  • Too good to be true. If it sounds too good to be true, it probably is. Part-time job scams often offer to pay an exorbitant amount of money for a simple task.
  • Asks for personal or financial information. Don't reply to emails requesting this information; report them.
  • Deceptive web links. Hover your mouse over the hyperlink to view its true destination. If you don't recognize it, don't click it.
  • Variations of legitimate addresses. For example, an email address ending in @ohio-edu.org instead of @ohio.edu.
  • Forged sender address. Click the sender's name to view their email address.
  • Urgent requests. The attacker wants you to act quickly so you don't notice the email is suspicious.
  • Fraudulent sites often don't start with https (the s stands for secure). Never sign into websites that aren't using https.
  • Spelling and grammar errors. A legitimate sender would proofread and fix these errors before sending.
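
The rule of thumb above (two or more suspicious elements) can be expressed as a small checker over a raw message. This is an added example, not a tool provided by the University; the keyword lists, the function names and the sample message are constructed assumptions, and `ohio.edu` is taken as the legitimate domain.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED = "ohio.edu"  # assumption: the legitimate domain for this page
URGENCY = re.compile(r"\b(urgent|immediately|act now|suspended)\b", re.I)      # assumed keywords
ASKS_INFO = re.compile(r"\b(password|credit card|routing number)\b", re.I)     # assumed keywords
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

# Constructed sample message (single-part HTML), for illustration only.
SAMPLE = """From: IT Help <helpdesk@ohio-edu.org>
Subject: Account notice
Content-Type: text/html

<p>Your account will be suspended. Verify your password immediately:</p>
<a href="http://login.example.net/verify">https://www.ohio.edu/login</a>
"""

def is_lookalike(domain):
    """True if the domain imitates TRUSTED without being it or a subdomain of it."""
    domain = domain.lower()
    if domain == TRUSTED or domain.endswith("." + TRUSTED):
        return False
    return TRUSTED.replace(".", "") in re.sub(r"[^a-z0-9]", "", domain)

def phishing_signs(raw):
    """Return the set of signs from the list above found in a single-part message."""
    msg = message_from_string(raw)
    body = msg.get_payload()  # a str for single-part messages
    signs = set()
    if is_lookalike(parseaddr(msg.get("From", ""))[1].rpartition("@")[2]):
        signs.add("variation of legitimate address")
    if URGENCY.search(body):
        signs.add("urgent request")
    if ASKS_INFO.search(body):
        signs.add("asks for personal or financial information")
    for href, text in LINK.findall(body):
        url = urlparse(href)
        if url.scheme != "https":
            signs.add("link is not https")
        # Compare the host shown in the link text with the real destination.
        shown = re.search(r"[a-z0-9.-]+\.[a-z]{2,}", text, re.I)
        if shown and url.hostname and shown.group(0).lower() != url.hostname.lower():
            signs.add("deceptive link")
    return signs

def is_suspicious(raw):
    """Apply the page's rule of thumb: two or more signs."""
    return len(phishing_signs(raw)) >= 2
```

Keyword matching only approximates the "urgent" and "asks for information" signs; the sender-domain and link checks are the ones that correspond most directly to what hovering over a link or clicking the sender's name reveals.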

Types of Phishing Emails

  • Email impersonation or spoofing is a forgery of a message so it appears to have originated from a legitimate sender. This is a popular tactic among attackers, as the recipient is more likely to open a message from a familiar source. These attacks often turn into gift card scams, where the attacker influences the individual to buy gift cards.
  • Part-time job scams often target college students or alumni who may be searching for job opportunities. These scams are fake job offers that are usually too good to be true: little work for high pay. Be wary of any unsolicited emails with this characteristic, especially ones that send a check prior to you beginning any work. The scammer will often request that you wire a portion of the check back to them, and you will lose that money.
  • Emails flagged as malware have been identified as containing a link or an attachment that directs your machine to install malicious software. Generally, malicious software can delete or steal personal information, slow down your computer, encrypt your files and hold them for ransom, or display unwanted advertisements.
  • Extortion email messages threaten the recipient and demand a payment, often in the form of a cryptocurrency like Bitcoin. A popular extortion category is known as sextortion, where the attacker will claim they have malware installed on your computer that captured embarrassing photos of you. Attackers may also leverage previously breached credentials for services tied to your email address to provide a level of authenticity to their message.
  • Vishing is a type of social engineering attempt that takes place over the phone. A random number or spoofed phone number calls, and a bad actor attempts to collect valuable personal information by claiming to be a debt collector or other type of customer service representative.
  • Spear phishing email messages are more targeted and personalized in order to increase the chances of fooling recipients. Spear phishing attacks use publicly available information to impersonate the target's friends, relatives, coworkers, and other trusted contacts. The attacker will gather information about you through your social media accounts or through your employer's webpage.
    • Tip: Do a web search for your name and see what results are returned. Is there any information you're not comfortable being public? Attackers can use this information to customize a phishing message for you to make it appear more legitimate.

To report a phish or ask for assistance in determining legitimacy, forward the email as an attachment to security@ohio.edu. You can learn how to forward as an attachment here.

For additional information on identifying malicious emails, visit StaySafeOnline for a wide variety of educational resources to learn how to protect yourself, your family, and your devices.