Why do Phishers fish?

Phishers send "social-engineering" emails to trick their victims into revealing the details of their user accounts, bank accounts or credit-card numbers.

In 2013, banks and credit-card companies lost $6 billion from phishing attacks.

Why are universities often the targets of mail-account phishing attacks?

  • Universities provide a large pool of inexperienced users
  • Universities are unlikely to black-list other universities
  • Phishers want to "harvest" as many email accounts as possible

Phishing attacks usually have three phases:

  1. set up a web page to collect login details
  2. send a wave of mail-account phishing messages
  3. use the "phished" accounts to send commercial phishing messages (banking, PayPal, credit cards)

Our efforts to block a new wave of phishing messages include:

  1. adding keywords and sender details to the filtering system
  2. blocking the IP address of any URL found in the phishing message
  3. locking "harvested" mail accounts to force their owners to set a new password

Phishing Increase

In 2013, ETH Zurich IT Services blocked more than 315,000 phishing messages, which was a five-fold increase over the previous year.

Awareness

  • Never enter your login information on an unfamiliar web page or on one whose origin is unknown
  • Before you log on to a web page, always check the URL first, no matter how authentic the web page looks
  • Internal ETH emails about the IT infrastructure will never ask you for your login information by mail
  • If you are referred to a certain web page, always check from the URL that it actually is an ETH page. Here are a few quick tips to help you differentiate between authentic and fake sites:
    • Links in an email often hide the URL to which they actually lead. In most mail clients, the real URL appears when you move your mouse over the link (without clicking). Do not activate any suspicious link before you have ascertained the origin of the email.
    • If you have opened the link, check at the top of the browser that the URL shown there is actually correct.
  • When in doubt, contact your IT supporter or the ITS Service Desk before clicking on any such link or logging on to the underlying web page. We will be happy to assist you.
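The two link checks above (the real target of a link versus what the link text shows, and whether the host really belongs to ETH) can be automated for an HTML mail body. The following is an added example, not code from ETH Zurich IT Services; it assumes that legitimate ETH pages live under the real domain ethz.ch, and the mail body it inspects is constructed for the demonstration. Note that the host check requires an exact domain or a real subdomain of it, since a simple substring test would accept a lookalike such as "ethz.ch.example.net".

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domain that legitimate ETH pages live under (assumption for this example).
TRUSTED_DOMAIN = "ethz.ch"


def hostname_of(url):
    """Return the lower-cased host of an http(s) URL, or None if there is none."""
    try:
        parsed = urlparse(url.strip())
    except ValueError:
        return None
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return None
    return parsed.hostname.lower()


def is_trusted_host(host, trusted=TRUSTED_DOMAIN):
    """True only for the trusted domain itself or a real subdomain of it.
    "ethz.ch.example.net" contains the string but is NOT a subdomain."""
    if not host:
        return False
    return host == trusted or host.endswith("." + trusted)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element in a mail body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_links(html_body, trusted=TRUSTED_DOMAIN):
    """One finding per link: the real host, whether it is trusted, and whether
    the visible link text names a different host than the href (a hidden URL)."""
    collector = LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        real_host = hostname_of(href)
        shown_host = hostname_of(text) if text.startswith("http") else None
        findings.append({
            "href": href,
            "real_host": real_host,
            "trusted": is_trusted_host(real_host, trusted),
            "text_mismatch": shown_host is not None and shown_host != real_host,
        })
    return findings


# Constructed sample mail body: a lookalike host hidden behind a genuine-looking
# link text, a genuine ETH link, and a bare IP-address link.
SAMPLE_MAIL = """
<p>Your mailbox is full. Verify your account at
<a href="https://mail.ethz.ch.example.net/login">https://mail.ethz.ch/login</a></p>
<p>Help: <a href="https://www.ethz.ch/">https://www.ethz.ch/</a></p>
<p>Webmail: <a href="http://192.0.2.10/owa">click here</a></p>
"""

if __name__ == "__main__":
    for finding in check_links(SAMPLE_MAIL):
        flag = "OK " if finding["trusted"] and not finding["text_mismatch"] else "BAD"
        print(flag, finding["real_host"], finding)
```

Run on the sample body, the first link is flagged because its visible text shows mail.ethz.ch while the href actually leads to mail.ethz.ch.example.net, the second passes, and the third is flagged because a bare IP address is not an ETH host.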
