Don't take the bait! This page shows example computing threats, such as phishing scams, that you should avoid. Phishers are fishing for your personal information, such as passwords and credit card numbers. Never provide this information by replying or following links in the email. Under no circumstances will CUS or other members of the CIS department ask for your password. If in doubt about the legitimacy of an email, contact CUS. To learn how to keep yourself protected, visit our phishing page.
To report a phishing scam you receive, email it (with full headers) to firstname.lastname@example.org.
Google Hangout Phish - PostedSpear phishers strike again! This time pretending to be a Reed employee (using a valid name and job title) on Google Hangouts! Be suspicious of any request no matter what communication method is used (email, chat, phone, text, etc.). Carefully examine the sender's contact info and please check with the Help Desk if in doubt.
Another spear phish message - PostedAnother spear phish message purportedly from the current president. On close inspection, you'll notice the sender's address is not quite right. Even if the sender's address appeared correct, be suspicious, as spoofing is a common tactic among phishers.
"Follow up" Email From (Ex) President of Reed - Posted
Hey, it's me, the College's ex-president following up with you about that one thing we talked about, are you available?
This is a great example of a spear phishing attack, where the spammer does some research about the target and uses real names of officials or employees to seem more legitimate. However, we immediately can see clues that the email is not coming from a college official (ie: spelling and punctuation errors, a non-organizational email address, and unnecessary ask with a sense of urgency). Keep your eyes peeled, and hit that spam button whenever you detect those! You can always contact CUS if you have any questions about the legitimacy of any message.
From: John Kroger <email@example.com>
Date: Mon, Oct 22, 2018 at 11:45 AM
Subject: Follow up
To: undisclosed users
Are you available?
president John Kroger
School billing statement malware - Posted
School is starting, and scammers are running wild, attempting to prey on the unsuspecting! If you receive an unsolicited email requesting that you click a link or download an attached "school statement" to make a payment... be skeptical! Contact Reed's Business Office (503-777-7505) to confirm that the message is legitimate.
Below is an example of an infected attachment in an email going around. Gmail caught this one, but don't rely on Google to warn you of suspicious attachments.