Skip Navigation
Multi Photo Banner
About The School Header Image

New Blog Teaches How to Avoid ‘Phish’ Net

Friday, March 28, 2014 - 12:54pm

Sketch of a black shark on orange background

 

Plenty of alarms have sounded as of late about how “phishermen” have attempted to phish for your life.

At one of The University of Texas System institutions last year, several employees’ direct paycheck deposits were routed to fraudulent bank accounts and funds transferred to those accounts. In February, 1,291 UTHealth users received a bogus message from a spoofed university email account.

The incessant attacks to our email system have prompted our institution’s internet security soldiers to craft ways to fend off threats. Catch of the Day, a new blog just launched, is the latest effort to help you discern threats and steer clear of the “phish” net.

THREATS OF ALL STRIPES

As told in these “phish” tales in the blog, the phishing emails seem to come from dutiful guardians of your Internet security: the webmaster, the system administrator, the help desk, and even the tech giant, Apple.

The warnings come in all stripes: Your online account has been hacked. A technical issue requires your accounts to be reactivated. Your service will be interrupted for a planned system upgrade. Or simply your mailbox is approaching its allotted capacity.


One thing is in common: They each prod you to click a link to confirm your account login credentials by typing your username and password into a Web form. If you do so, you’ve given the con artist a free pass to your accounts.

“They’ve been ramping up phishing in terms of quantity and sophistication, and the attacks have been occurring on a daily basis,” says Jose “JR” Ramirez, IT security manager.

Some links in the phishing emails take you to pages set up to infect your computer system with malware – malicious software to track your online activity or steal your personal information.

“Phishing’s been responsible for almost all of the major data breaches,” says Mark Stingley, network security architect.

FORTRESS IN PLACE, BUT NOT FOOLPROOF

The new blog launched on the heels of an antiphishing system known as Proofpoint, which IT put in place in late 2013.

“Proofpoint has been blocking millions of phishing messages every month,” says Benjamin Graham, system administrator and a Proofpoint project lead, noting a sharp decline in the number of user accounts compromised.

Amar Yousif, chief information security officer, cautions the system isn’t “bulletproof.”

“It filters inbound spam and phishing messages and disables suspicious links in the ones that make it through the filter,” he says. “But still some escape the system.”

If the security system catches a phishing email, Byron Yancy, senior network security analyst, emails the recipient to warn against clicking links in the phishing message. The Proofpoint system will blacklist the phishing source against future attacks.

NEW BLOG DISSECTS PHISHING, ARMS USERS

So how can you discern phishing?

Bad grammar, misspellings, random capitalization of letters, vague sender identifiers and requests for personal information are among the cues, says Ryan Edson, information security analyst who authors the blog.  The blog provides a screenshot and detailed analysis of each “phish” – phishing email caught by IT – and tips on signs to watch. The blog also lets you give online feedback.

WHAT YOU SHOULD DO

 Yousif urges vigilance at all times when dealing with emails.

“Folks ought to continue to think twice before they click a link in an email,” he says. “If they are ever in doubt, they should send the suspicious email to us as an attachment so that we can examine it for them.”

To do so, follow these steps:

1.    Open Microsoft Outlook and create a new email message.
2.    Type its@uth.tmc.edu in the “To” field.
3.    Drag the suspicious message from the Outlook inbox message list to the new email message you created to be attached.
4.    Hit the “Send” button.

Learn more about phishing and other online security topics here. Call the Help Desk at 713-486-4848 with any questions.