Phishing examples

Phishing e-mails can arrive in various forms. This page is designed to help you recognize some common features of these attacks.

 

Example 1:

Phishing example 1

1. Reply address is misspelled and goes to the wrong email domain

The reply email address will almost always be different from the address of the person who appears to be sending the fraudulent e-mail. This is because the person trying to get your account information is hoping you will hit reply and not notice who the email is actually being sent to. If you did respond to one of these emails and realize it later, you should change your password immediately.

2. ONID doesn't have anonymous registration

This is specific to ONID accounts, but any e-mail address that required prior registration information from that organization is NOT "anonymous registration." No email service will ever send you an e-mail stating your account will be deleted unless you respond with account information! If you are unsure about the e-mail server you are using and think they may do something like this, either call or send an email directly to the support team e-mail address listed on the website, so that your message doesn't get sent to a fraudulent individual.

3. We will never ask you for your password, birthday, country, or GAP?.

No technical support or e-mail provider should ever ask for any personal information, especially passwords. If you have NOT contacted your e-mail or internet provider for help, be very suspicious of any email you receive claiming to be technical support, because tech support should not contact you unless you have asked for help.

4. Conflicting Information

Automated messages are often created by pulling different sections of text out of a database, and the text that gets pulled for the email often contains conflicting information. Of course, both propositions, having your account disabled or deleted in 48 or 24 hours, are scary and cause many people to act too quickly. ONID will notify you of account deletion or deactivation at least a couple weeks before anything is done. If an email gives you a deadline within hours or days, the chances of it being a scam are greatly increased.

Example 2

Phishing Example 2

1. The from address is something other than the domain of your email address.

If you receive a legitimate email message from an administrator of your email, the from address should always have the same domain as your email. For example, if you receive something from ONID, you know your ONID address is of the form "username@onid.orst.edu", so the message should be from "somebody@onid.orst.edu". This is a good first check to see if a message is real.

2. There is information in the email that is just wrong.

This is harder to recognize, since you may not always know this information, but if it looks wrong to you, check it out. Usually information like this will be clearly listed on your email provider's page and can easily be verified.

3. The message requests information such as username and password

No technical support group will EVER ask for this kind of information by email. If for some reason we need to have you update information, we will send a message that simply asks you to go to ONID and sign in yourself to update it. Also be careful of messages that send you a link to update your information, since the link doesn't always go where it says. It is always better to type in the address yourself rather than clicking a link!
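
The checks from both examples can also be run mechanically over a message's headers and body. The following is an added example, not part of the original page or any ONID tooling: the sample message is constructed, the indicator names are hypothetical, and the expected domain is the "onid.orst.edu" used in the text above.

```python
import re
from email import message_from_string
from email.utils import parseaddr

EXPECTED_DOMAIN = "onid.orst.edu"  # domain from the page's own example

# Constructed sample message (not a real e-mail); the reply address uses a
# reserved example domain and a misspelled local part, as in Example 1.
SAMPLE = """\
From: ONID Support <support@onid.orst.edu>
Reply-To: onid-suport@mail.example.net
To: username@onid.orst.edu
Subject: Account notice

Your account will be disabled in 48 hours. Reply with your username and
password within 24 hours or your account will be deleted.
"""

def address_of(header_value):
    """Return the bare, lower-cased address from a From/Reply-To header."""
    return parseaddr(header_value or "")[1].lower()

def phishing_indicators(raw, expected_domain=EXPECTED_DOMAIN):
    """Return the list of indicators from this page that the message shows."""
    msg = message_from_string(raw)
    sender, reply_to = address_of(msg["From"]), address_of(msg["Reply-To"])
    # Collect the text parts of the message (handles multipart mail too).
    body = " ".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk()
        if not part.is_multipart() and part.get_content_maintype() == "text"
    )
    found = []
    # Example 2, item 1: From domain differs from your own mail domain.
    if sender.rpartition("@")[2] != expected_domain:
        found.append("from_domain_not_expected")
    # Example 1, item 1: replies go somewhere other than the apparent sender.
    if reply_to and reply_to != sender:
        found.append("reply_to_differs_from_sender")
    # Example 1 item 3 / Example 2 item 3: message asks for a password.
    if re.search(r"\bpassword\b", body, re.I):
        found.append("asks_for_password")
    # Example 1, item 4: deadlines in hours or days, possibly conflicting.
    deadlines = {int(n) * (24 if unit.lower() == "day" else 1)
                 for n, unit in re.findall(r"\b(\d+)\s*(hour|day)s?\b", body, re.I)}
    if deadlines:
        found.append("short_deadline")
    if len(deadlines) > 1:
        found.append("conflicting_deadlines")
    return found
```

A message can pass the from-domain check and still be fraudulent, as the sample shows: the From header is forged to the expected domain while the Reply-To points elsewhere.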