Mason has faced a record number of phishing attacks in the past nine months. With high profile security breaches making headlines in the private and government sectors, Internet users have more reason than ever to tread carefully when it comes to personal information.
In the first half of 2015, Mason noted 84 fraudulent emails, up from a reported 67 attempts in 2014. New phishing attempts are reported on Blackboard for students to see, with the most recent examples posted September 2 and 4.
A few weeks ago, Mason’s IT staff sent out another warning, this time addressing those working in government offices, who are particularly susceptible to the attacks. Phishing, or the act of drawing a person’s personal and/or financial information by imitating legitimate businesses, often gets lumped into other Internet security issues, such as hacking and viruses, but phishing involves some action on the part of the user. For this reason, IT departments like Mason’s train Internet users to prevent personal or corporate loss.
Phishing deliberately misleads the consumer by drawing out information in false links and websites. According to the security firm RSA, phishing netted $4.5 billion in losses for global organizations in 2014.
Though the Anti-Phishing Working Group reported that the overall number of institutions declined from the first half of the year (a record high of 756) to 569 the second half, Mason reports that individual strains of email are on the rise.
Many companies, especially financial institutions, will distribute information about the types of communication they use, with most companies explicitly stating they don’t attempt to collect users’ private information. Mason’s IT Security published a flyer with five steps to combat this specific security threat and says the number one way to prevent phishing attacks is “to be wary of requests for confidential information” such as your username and password.
The IRS asks users to report any phishing attempts directly to the IRS’s dedicated phishing team and all other attempts to the Anti-Phishing Working Group.
Elsewhere on the list, Mason IT urges students to question the validity of any email and verify all links before clicking. If there is any doubt as to the authenticity of a message, an individual may contact the institution directly through its official website or phone number.