University of Michigan - Flint

Phishing is fraudulent e-mail used by criminals to "bait" users into providing private information or clicking on bogus links. Some phishing e-mails are pretty easy to spot, such as the now well-known appeal for help from Nigerian royalty, or e-mails that are poorly written with misspelled words. However, the more sophisticated scams pose as legitimate businesses or services you may use (ex. Ebay, PayPal, your bank), asking for private personal information.  These scams may look very professional, since the criminals use the same graphics as the real sites to fool users into trusting them. 

Sending E-Cards or attachments as if they were coming from a family member or friend is another commonly used trick.  Never open attachments or click links to retrieve greeting cards unless you are absolutely certain it's from someone you know. 

A legitimate organization will never ask for private personal information in an email. If you are ever in doubt about the source of an e-mail, just delete it.

Question 1. You've received an online greeting card from an unnamed friend or family member, with a .pdf attached.  Do you:

A.		Open it quickly, secretly hoping that it's from the hottie you met last night.
B.		Delete it.
C.		Forward it to all your friends, asking if any of them sent it to you.
D.		Reply to the sender with an online thank you card.

Never open attachments or emails from addresses that you do not recognize.  It's better to be safe than sorry.

Computer Security Awareness Home| Next Question

students have attempted the tutorial since January 28, 2008.