Cybercrime and Email Safety
Scams and Cyber Threats
One of the most common scams that every person should be aware of is phishing.
Phishing attacks can take many forms, but they all share a common goal – getting you to share sensitive information such as your login credentials, credit card information, social security number, or bank account details. Hackers accomplish this by impersonating a real organization or business you are familiar with. You may receive an e-mail or a text message asking you to verify your account details with a link. When you click on the link you’re taken to an imposter login screen that delivers your information directly to the attackers.
Although we have tools to help protect our networks and computers from cyber threats, we rely on our campus community members to be the first line of defense. Here are a few common scams to watch out for:
- Whaling: a popular ploy aimed at getting you to transfer money or send sensitive information to an attacker via email by impersonating a real company executive. These look like normal emails from a high-level official of the company and ask you for sensitive information. We have recently seen this attack using a request for gift cards or cash. Please contact ITS or Public Safety if you suspect this type of phishing scam.
- Shared Document Phishing: You may receive an e-mail that appears to come from file-sharing sites like Dropbox or Google Drive alerting you that a document has been shared with you. The link provided in these e-mails will take you to a fake login page that mimics the real login page and will steal your account credentials.
- COVID-19 Phishing: this new scam involves scammers posing as a national and global health authority. This may include the World Health Organization (WHO) or the Centers for Disease Control and Prevention (CDC). These emails are designed to trick recipients into downloading malware or providing personal identifying and financial information.
- Employment scams: Various employment scam emails are also circulating. Please be wary of any emails you may receive that involve some type of employment opportunity, even those coming from a Hartford.edu email address.
How to keep yourself safe
To avoid these phishing schemes, please observe the following email best practices:
- Never click on links or attachments from senders that you do not recognize.
- Don’t share sensitive personal information (like usernames and passwords) via email.
- Watch for email senders that use suspicious or misleading domain names.
- Don’t open any shared document that you’re not expecting to receive.
- If you can’t tell if an email is legitimate or not, report it immediately to ITS at firstname.lastname@example.org or 860.768.4357; or Public Safety at email@example.com or 860.768.7985.