Isaac Warren
Editor
Lincoln Land Community College has seen at least two phishing attempts on its students this semester. Twice, IT has sent a system-wide email reminding students to be wary of phishing attacks and to never give out student information over email. But what is a phishing scam, and how does it affect students?
When asked, student Jacob said he thought a phishing scam was sort of like stealing someone’s information.
Blake Bergmann, also an LLCC student, said he “had no idea” what a phishing scam was. It seems as though people have heard of phishing, but are not entirely clear as to what it involves.
Phishing is when someone attempts to take someone’s personal information, such as passwords, usernames, or even bank account information. The word is a homophone of the word “fishing,” with both involve baiting something in hopes of getting a good return.
Like a good fisher, scammers will wait patiently until they get what they came for. Phishing scams rely heavily on social engineering. Most hackers nowadays do not usually behave the way movies make them out to be.
Most of the time, there is not a warehouse or empty apartment, with no lighting, and someone furiously typing code on the fly trying to break down a firewall. Although these types of attacks are used, albeit not as common, “hackers” resort to social engineering because it is easy to pretend you are someone else.
In the early days of the internet, America Online, or AOL, was the poster child for the new frontier. Hackers created a program that would allow them to impersonate an AOL employee and attempt to get information from customers, such as bank records, social security numbers, and passwords.
AOL eventually patched the security holes, but the hackers turned to simply pretending. They relied on strong wording in emails that they would send to their victims. Those who believed the fake emails were instructed to reset their passwords via a link provided in the message. The link provided was bogus, and they were essentially writing their sensitive information on a highway billboard for anyone to take.
Today, phishing is common, and the methods are very similar to the methods of hackers 20 years ago. There are very simple ways to protect yourself from scams, without any fancy software.
- Be cautious. Not everyone on the internet is your friend. If something seems too good to be true, it probably is.
- Do not open suspicious emails. The most famous email scams involve a Nigerian prince of some sort, who desperately needs to get millions of dollars out of his country. If you ever find one of these emails, delete it without even opening it. Files attached can contain viruses that can steal your data and even destroy your computer.
- If an email is just a picture of a photocopied letter, never ever follow any directions. Delete it and block that sender from your address book.
- Never give out bank information, passwords, or any sensitive information via email. LLCC IT will never ask for your personal information over an email. If you get an email notifying that you have been hacked, you can disregard those almost 100% of the time.
- If someone calls you claiming to work for Microsoft, Apple, or the IRS, they are fake. The IRS never cold calls anyone, Microsoft and Apple will not either.
- You can put your number on the Do Not Call registry to show companies that your number cannot be called to sell you anything. If you still receive a call from a bogus company, write down the phone number, ask for their business address, and report them to the Federal Trade Commission for breaking federal law.
Isaac Warren can be reached at [email protected]
