The beginning of tax season is when phishing artists ramp up their angling for your W-2s and other financial information. The number of people affected by increasingly sophisticated phone and email scams and phishing attacks is larger every year.
Phishing is an effort to gather usernames, passwords, and other sensitive information by masquerading as trustworthy entities, such as the IT Help Desk or individual members of the college administration. The most common phishing methods use email to a) request personal information, b) lure users to dangerous websites, c) distribute virus-containing attachments, or d) threaten to reveal personal details unless a ransom is paid. If an email seems suspicious or comes from an unexpected source, it likely is a phishing attack.
A recent phishing scam links to an “Employee Satisfaction” survey that asks for your username and password. Credentials captured on the survey are used to gain access to and possibly modify personal financial information.
While Amherst College IT blocks many phishing emails before they get to your Inbox, some do sneak through our defenses. Please remain vigilant! If you receive a phishing email, please follow the recommendations below.
- Respond to the email in any way (do not engage with the sender)
- Click any links
- Open any attachments
- Provide any data to any websites that you are not absolutely sure are valid
- Forward the email to firstname.lastname@example.org
- Delete the email from your inbox
- Contact AskIT@amherst.edu immediately if you accidentally click on a phishing link