Security: Types of Phishing Scams & How to Recognize Them


This article has not been updated recently and may contain dated material.

LSU Recommendation:  NEVER Give Your Personal Information, Password or Credentials to Email Messages Requesting It. It is Most Likely a Scam.

LSU & LSU Departments / Affiliates Will NEVER Request your Personal Information, nor will your LSU Accounts become 'deactivated' for Not Providing Personal Information.


Article Index


Types of Scams

Service Desk or Email Account Deactivation

  • LSU's email services and other email providers will never request you verify your identity via email. They already have that information when your account is setup!
  • These scams are frequently attempting to trick users into revealing login information or visiting malicious sites.
     

an Example of an Email account deactivation scam


Banking Scams

  • Banking scams are designed to extract sensitive banking information from recipients. This information can then be used to craft more convincing scam messages for other targets, gain access to a victim's bank account, commit identity theft, etc.
  • Your bank will never need to ask this kind of information from you; it already has this information in their records.
  • If you have reason to suspect the message was sent by the bank in good faith, you should verify the message's legitimacy by contacting the bank through an official source such as:
    • banking website (do NOT use links in the email, find your bank's official website online or through other resources)
    • the bank's telephone number as listed on your banking statements, official website, debit card, etc
    • visit a physical location and speak with a representative
       

an Example of a mail banking scam, sometimes even from a real bank employee's address


Advanced Fee Fraud Scams

  • Sometimes referred to as 419 or Nigerian scams, advanced fee fraud scams attempt to trick recipients into believing the sender knows of a large sum of money that is owed to the recipient or that the recipient can assist in claiming it.
  • The scam is that there is no large sum of money. The entire scenario is merely attempting to con recipients out of their money, which the sender has no intention of reimbursing
  • The term '419' refers to an article of the Nigerian Criminal Code dealing with this kind of fraud, however these scams can essentially be carried out from anywhere around the world.
  • As a good general rule of thumb, if a random stranger is contacting you offering to give away money, it is a scam and you should not respond. If you respond anyway, they may attempt to convince you to lend them money or even sell your email address as an "active" email where more scammers can send you fraudulent messages. Therefore, you should never respond to these types of emails.
     

Example of an Advance Fee Fraud scam

Example of an Advance Fee Fraud scam attempt to trick recipients


Fake Job & Money Mule Scams

  • The goals of fake job offers and work from home scams range from attempting to extract sensitive information to recruiting users to commit illegal acts unknowingly under the disguise of a job.
  • If a job offer sounds too good to be true, it likely is. Verify the legitimacy of a company through sources such as the Better Business Bureau, physical addresses, Internet searches and more.
  • Beware of any 'job offer' that requires setting up a new bank account to transfer funds on behalf of the company. This is likely a 'money mule' scam where attackers will steal/transfer money from a personal or business banking account to the 'mule' account, and then the mule transfers the money to an off shore account through another banking source like Western Union. By this point, it is unlikely the money can be recovered. Even though the 'money mule' may not know their activity is illegal, they could still be held legally accountable.
     

Example of a Fake Job and Money Muel Scam


Email Attachments

  • Never open an attachment unless you are expecting to receive one from a personal contact. Attachments can potentially contain malicious code that silently infects your computer.
  • Companies, such as Fed Ex/UPS or your bank, don't provide information to customers via attachments.
  • If you are expecting information from businesses or organizations, visit the organization's site via your browser's address bar manually and log in using your account. Do not use links or attachments provided in email messages.
  • Note that spam email often contains .php attachments. There are very few, if any, legitimate emails that require you to run a php script. It is recommended that you ignore such attachments and unless you have contacted the company that the email claims to be from directly (such as through their official website, and not the suspicious email), you should delete the email. Additionally, the examples below show malicious text documents found in some types of spam.
     

an E-mail Attachment scam with a word document (DOCX)

an E-mail Attachment scam with a rich text file (RTF)


Fake Pharmaceuticals

  • Scammers can set up fake online pharmaceutical stores attempting to sell fake or knock-off drugs over the Internet.
  • NEVER purchase goods from these stores. The products at best could be fake with no effect or at worst be a danger to your health.
  • Additionally, making purchases such as these means giving out your banking or credit/debit card information which could lead to financial identity theft.
     

a Fake Pharmaceuticals scam website 


Recognizing Scam Messages & Other Useful Information

 

'From' Address Doesn't Match 'Reply' Address

  • Pay attention to the "From" field of an email address and compare it to email addresses provided in the body of the message.
    • Messages requesting that you reply to a different email address from the original, should be considered highly suspicious.
  • Email messages coming from free email services, claiming to be from a reputable business, are typically Scams. (Examples: AOL, hotmail, gmail, etc.)  
    • Legitimate email messages, from businesses and organizations, usually come from official email accounts. (Examples: person@yourbank.com or someone@officialorganization.com.)
       

an Example of the 'From' Address not matching the 'Reply' Address scam

 


Other Tips and Tricks

  • Pay attention to Grammar & Spelling. Many scammers are not native English speakers and this can be very apparent in their messages. Official businesses, on the other hand, usually take special care to use correct grammar and spelling.
  • If you can determine a message is sent from a legitimate organization but you don't want to receive additional messages, you can often use an 'Unsubscribe' from a link at the bottom of the message. However you should not 'Unsubscribe' from scam messages. Many scam messages include this to make them appear more legitimate and use this information to identify 'active' email accounts or possibly obtain sensitive information from users.
  • As an act of retaliation, some users will attempt to respond in anger or string spammers along to waste their time. However, these actions could provoke spammers and attackers into attempting to send more advanced, targeted messages to the user or find other ways to outright attack the user. The best course of action when dealing with spam is to delete and ignore the messages entirely.

Can I Report Phishing that I Receive?

The LSU IT Security and Policy (ITSP) Team has deployed Cofense Reporter, an application that provides users the ability to report suspicious e-mails to the ITSP team quickly and efficiently. The application is available for all @lsu.edu mailboxes automatically. For more information on how to use this utility, see the article: Report Phishing E-mail - Cofense Reporter

Typically, forged messages mean that the headers contain false data. LSU can help you verify this, but there is little we can do to stop this kind of abuse. However here are a few cases where we recommend you contact security@lsu.edu:

  • You have a phishing message that contains links; the LSU IT Security office has the ability to prevent on-campus users from visiting certain links
  • You clicked on a link or responded with personal information to a potential email scam and need help determining what to do
  • You have a scam message you believe came from another LSU user

As long as you do not click on any links or respond to the email with personal information, you as well as your computer should not be at risk.

As always, if you have any concerns or comments please feel free to contact the LSU IT Security Office with any of your security questions via security@lsu.edu.

16680
12/12/2023 7:15:26 AM