Phishing Scams

Phishing email messages are fake email messages which attempt to trick you into giving up confidential information.  These emails are often crafted to impersonate a well-known organization (such as Whitman College, your bank, Paypal, or the IRS).  They may ask you to respond directly via email, respond to an email address in the message, visit a website, or call a phone number.  They frequently claim you have won a prize or threaten you with some action (such as deletion of your account) if you do not respond.

You should NEVER respond to a phishing email.  NEVER assume where an email came from based on the "From:" address (it can be forged).  Email is not a secure method of transmitting information - NEVER send personal or sensitive information via email.  NEVER call a phone number or visit a link in a phishing email.  If you think the email might be legitimate, call the organization's main phone number or visit its main web site address.

If you receive an email and you're not sure whether or not it is legitimate, forward it to the WCTS Helpdesk and ask.

Attachments

Do NOT open an email attachment unless you were specifically expecting that file from that person. If you are at all uncertain, contact the sender and ask them if they meant to send you the attachment.

An email attachments is NOT safe just because it appears to come from someone you know! You are actually more likely to receive an infected attachment from someone you know because if that person's computer is infected, it is likely sending email to everyone in that person's email address book (a.k.a. you).

Don't be fooled! Often the sender of an infected message is faked. This is a fairly recent trick called "social engineering" -- the virus picks up email addresses found within the local network and puts those addresses in the "from" box. They hope you will be more likely to open the attachment because it looks like it is from someone within your community and therefore appears more legitimate.