Be Aware of Phishing Risks

SPAM and phishing emails are on the increase at Chattanooga State. Ensuring that our email systems is as clean from SPAM as possible requires all of us to be vigilant. One of the things you can do to prevent spam is to keep your email address off spam lists by keeping it low profile. When you post your email address in an online forum or allow a software tool to collect information on you and your address book, you are not only opening your account to be hacked but everyone in your address book as well.

Always review the privacy policy of any tool/software you are thinking of using at work. Example: a new calendar tool was downloaded by a user to set up meetings with students. It worked great and was easy to use, so the user shared this great new tool with everyone. Everyone that tried it loved it. However, this specific tool also downloaded and kept the following information of everyone that used it:

1) The tool collected information about you directly, from you and through your use of their platform.

2) They combine information that they collect about you from other sources through your email account.

3) Name, email address, phone number, email addresses of other people, web address, device model, operating system, browser type, unique device identifiers. IP address, mobile network carrier, time zone and locations are some of the info that was being stored in their system

4) Subject of meetings. Did you ever wonder how you can receive an email from a vendor concerning a subject that you had been researching and attended a meeting about?

5) If you gave the tool permission they connected to your Google, Microsoft Office 365 accounts or other similar services.

6) Cookies, web beacons and other technologies used to receive and store information when you interacted with your computer or mobile device.

Before buying or installing a new tool or software, check with Technology to ensure you make an informed decision.

So how can you detect SPAM in your email account? Here are five of the most common ways:

1) The email seems to be a warning like the one below – don’t click, just delete.

2) Look at the emails sender’s email address. A lot of times this will let you know because it’s not the correct URL, example: [email protected]. ChSCC’s URL are always @chattanoogastate.edu for faculty/staff or @mychattanoogastate.edu – if you’re a student.

3) Hover your mouse over the link in the email. Example: an email has a button or link within the body of the email – like “view the document sent to you “HERE” Hovering over the “HERE” button will show you the true URL of whomever sent it to you, such as: ncyog.ce/ace/microsoftaccount.html. If the URL seems suspicious and doesn’t look like anyone who would be needing information from you or sending information to you, don’t click, just delete.

4) Are their spelling or grammatical errors? If you see an email with 2 or more errors, delete it. Example: PAYPAl instead of PAYPAL or websight instead of website.

5) Does the email just look wrong or sound to good? Are you being guaranteed money for doing a task; or you have a package from Amazon that they need information to deliver, but you haven’t ordered anything. The old adage, ”If it’s too good to be true, it probably is” is still true today.

If you have any questions or receive an email that you are not sure about, please call the Technology Service Desk at 697-3375.