Phishing Attacks: Don't Take the Bait!
What is phishing?
Phishing scams are fraudulent email messages that appear to come from legitimate sources (e.g., Oxy, your bank, or your Internet service provider). Usually, the messages direct you to a spoofed (faked) website or otherwise attempt to get you to divulge private information (e.g., password, credit card, or other account details). The perpetrators then use this private information to commit identity theft.
What to LOOK FOR
- Wrong names: your name, the organization's name, or the name of a group within the organization.
- Misspelled words and/or bad grammar.
- Incorrect or suspiciously complicated URLs.
- From a wrong or unknown email address.
What to DO
- When in doubt, type it out!
Even messages purporting to come from the ITS Helpdesk, ITS staff, or any Oxy employee could be spoofed, or the oxy.edu account could have been compromised. Especially if the message contains a threat (losing access to your email or another account) or urges an immediate response, type the URL for the service directly into your browser, or go to the oxy.edu homepage to find the my.oxy login link.
Memorizing the my.oxy.edu URL as well as the direct URLs for email (oxyconnect.oxy.edu) and Moodle (moodle.oxy.edu) would be a great start. You can also call the person or office to inquire about the email and ensure it's legitimate.
Email doesn't always come from the email address you see.
- If you didn't expect it, reject it. Don't click unexpected links!
As noted above, it is possible to spoof an email address, or for an account to be compromised and used to send out phishing emails. If you didn't expect an email of this nature from this person or account, don't click on the link.
- Hover to Discover. Look out for deceptive links!
Hover over the link (don't click!), or for a touchscreen, lightly press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window, or the menu pop-up on an iPhone.) Don't click on a link unless it goes to a URL you trust.
- Check for Trash Before the Slash
Verify the link in your browser bar before entering Oxy credentials! You should see a known oxy.edu URL. A few tactics that phishing attempts may employ are:
- Hiding the real link in the email: using "Click here" or even displaying a URL such as "https://oxy.edu" when the underlying URL is pointing somewhere else.
- Using a URL that's close to but not the actual URL - for example, using .net if the company's site is .org or .com.
- Redirecting the URL to another site
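For mail administrators and the curious, the "hover to discover" and "trash before the slash" checks can also be run automatically over a message's HTML body. The sketch below is an added example, not an Oxy or ITS tool; the trusted-domain list, the function names, and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("oxy.edu",)  # assumption: only this domain and its subdomains are trusted
URLISH = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)
SAMPLE = """<!-- constructed sample body using reserved example domains -->
<a href="https://my.oxy.edu.example.net/login">https://oxy.edu</a>
<a href="https://mail.example.org/reset">Click here</a>
<a href="https://moodle.oxy.edu/">moodle.oxy.edu</a>
"""

def host_of(url):  # hostname = what sits "before the slash"; userinfo/port dropped
    try:
        return (urlsplit(url if "://" in url else "//" + url).hostname or "").lower()
    except ValueError:  # malformed host: returned as "" and so never trusted
        return ""

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def find_deceptive_links(html, trusted=TRUSTED):
    parser, findings = LinkCollector(), []
    parser.feed(html)
    for href, text in parser.links:
        if not href.lower().startswith(("http://", "https://")):
            continue  # mailto: and in-page anchors are out of scope here
        real, reasons = host_of(href), []
        if not any(real == d or real.endswith("." + d) for d in trusted):
            reasons.append("link host is not a trusted domain")
            if any(d in real for d in trusted):
                reasons.append("trusted name buried inside another host")
        if URLISH.match(text) and host_of(text) != real:
            reasons.append("displayed URL differs from real link")
        if reasons:
            findings.append((href, reasons))
    return findings
```

Calling `find_deceptive_links(SAMPLE)` flags the first two links and passes the genuine moodle.oxy.edu one. A link that redirects after the click cannot be caught this way, which is why checking the browser bar before entering credentials still matters.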
Is it a Phish? Drop us a line.
Please forward the message to email@example.com and then delete it from your email.
A recent phishing attempt aimed at the Occidental Community
In this recent phishing attempt for Oxy, the email below came from "Oxy - Public Health" and cited "Occidental College Public Health Care", which is not an office that exists at Oxy. The phone numbers listed were not actual Oxy phone numbers, and though the email address it came from had @oxy.edu at the end, it, too, was fake.
Similarly, you may receive an email from "Oxy College" or "Tech Services" or "Information Security Department" - the list could go on. If the organization's name and/or email address is not 100% accurate, delete the email. You can always call or visit the department to ask if you're not sure about an email.
Sometimes it'll be a very good spoof of our login page, as with the fake - but passable, if you don't look closely at the URL. The sender is hoping you will enter your username and password so that they can steal your credentials. Always double-check the URL of every login page before you enter your information.