Difference between revisions of "Phishing and Spoofing-Masquerading Spam"

Line 8: Line 8:
  
 
===If You Receive Phishing Email===
 
===If You Receive Phishing Email===
If you receive phishing mail, especially if it's requesting you to log in to the JHU login page, please be wary of it, and if you think it's not legit, please forward it (and any mail headers, if possible, to [[mailto:spam@jhu.edu spam@jhu.edu]] so that they can examine it and take proper action.
+
If you receive phishing mail , especially if it's requesting you to log in to the JHU login page, please be wary of it, and if you think it's not legit, please forward it (and any mail headers, if possible, to [[mailto:spam@jhu.edu spam@jhu.edu]] so that they can examine it and take proper action.
  
Also see: [http://www.it.johnshopkins.edu/services/email/spam/ReportingSpam.html JHU's Reporting Spam and Suspicious Email page]  
+
In addition, if you received spam email at your @jhu.edu account directly, please see: [http://www.it.johnshopkins.edu/services/email/spam/ReportingSpam.html JHU's Reporting Spam and Suspicious Email page]
 
  
 
==Masquerading==
 
==Masquerading==

Revision as of 14:40, 30 November 2018

Phishing

Phishing can generally be defined as non-legitimate email you receive that tries to get you to provide the sender some type of personal information. The sender is "fishing" for info from you. It could be in the form of an html-based email with a login page embedded. It could be something as simple as someone requesting you to send them info directly. It might have a link to a login or info request page.

It is very important that you examing all incoming email to make sure it comes from a legitimate source. Your mail client should provide you a way to look at "mail headers" so you can see if what you think is a legit address in the From: part of your message is actually the real address the sender is sending from.

If your email has a link to a page, the text for the link you see in your email maybe not be where the link actually takes you. Examine the link carefully. If you're at a computer, you might be able to hover your pointer over the link to see its true URL.

If You Receive Phishing Email

If you receive phishing mail , especially if it's requesting you to log in to the JHU login page, please be wary of it, and if you think it's not legit, please forward it (and any mail headers, if possible, to [spam@jhu.edu] so that they can examine it and take proper action.

In addition, if you received spam email at your @jhu.edu account directly, please see: JHU's Reporting Spam and Suspicious Email page

Masquerading

Masquerading is when someone sends an email and it appears to come from someone else. It's a very easy thing for a spammer to do. It's also a very common thing. Spammers can make the From: address in your email look like any name or address. However, the actual mail will come from someone else. Examining the full mail headers for your email (different methods for each email client), can help you determine the actual sender's email address.

If the mail looks like it comes from someone you know, but the message content seems suspicious, examine mail headers for the actual sender, to be sure.


If you receive Spam at Your CS Account

Please visit our category on Spam Filtering

If You Receive Spam (and Phishing) Messages At Your Non-CS @jhu.edu Account

The above information regards users receiving spam (or Phishing) email directly at your @cs.jhu.edu account. However, say you receive email directly at your JHU acct, i.e., your @jhu.edu email address (without it being first forwarded from your CS account to your JHU account), what should you do?
In this case, since you're only dealing with JHU's mail service, you should read: JHU's Reporting Spam and Suspicious Email page for instructions.
Again, this is for those receiving email directly at their @jhu.edu account, and not for those receiving email at their @cs.jhu.edu first and having it forwarded to their @jhu.edu account.