Always be skeptical, especially of things that are free. Chances are,
you didn't just win a lottery without buying a ticket, and a foreign
oil magnate is not going to give you ten million dollars for
laundering his money. These types of "phishing scams" seem to be
spreading more frequently and are becoming more intelligent.
Now, scammers send email claiming to be from a bank or some other trusted
online institution and beg, cajole, or threaten us to give them our
account numbers and PINs. They even can include links to webpages
that look exactly like the real thing. If you ever receive a message
like this, and you think it may be legitimate, bring up your web
browser and type the URL that you are already aware of. Don't trust
the email message to contain any valid information, and don't follow
links to modify your online accounts.
When you're downloading free software from the Internet, make sure
you read the fine print. Lately, it seems more and more companies are
giving away "free" services or software on the condition that you
agree to have all of your Internet activity monitored and the results
sold. So be careful out there. The days when you could safely agree
to anything are long gone, if in fact they ever existed at all.
Even though CUIT carefully maintains filters that prevent most spam
from reaching inboxes, phishing scams are more likely to get through.
These messages look very legitimate to scanning software. If you'd
like, you can set up a personal spam filter online that is less
tolerant than the one used by the whole University. Follow the link
below for more information.
CUIT filters out executable and archived (or "zipped") attachments,
so it's extremely unlikely that a virus will ever be sent to your
Columbia account. Other accounts on other servers, however, do not
take this step. For this reason, always be suspicious of file
attachments that are sent to you, even if you know the person sending
it. Many worms will send themselves to everyone on a given machine's
contact list. Others misrepresent their origins by changing (or
"spoofing") the email address of the sender.
Instant messenger networks are vulnerable to worms spreading
through file attachments or links to infected websites. If you are
presented with a file or a link, even if it is from someone you know,
and you weren't expecting it, send a message back to get confirmation
that it's safe.
If you use Columbia's email system, you can set up personal block
lists and also adjust the tolerance of your spam filter by visiting
http://uni.columbia.edu or by clicking the Account Management link
Recognizing and Avoiding Email Scams
Manage Your UNI Account
Anti-Phishing Working Group
To reach this page quickly in the future, use the keyword phishing.
Send reports of security incidents, attacks, or questions to firstname.lastname@example.org