"Phishing attacks are on the rise at NIH and while we are taking
measures to address the problem, our best defense is user awareness," says
Jaren Doherty, chief information security officer for NIH. "Because
phishing emails have become more sophisticated and can appear to
be legitimate, users need to be extremely cautious about responding
to any suspect emails."
How Phishing Works
Phishing is not so much a high-tech computer attack as it is an
old-fashioned con game, played at electronic speed. The con uses
deceit, guile and fear to make you willingly give up personal information
that is then used to run up credit-card bills in your name, get
bank loans and reach into your savings. Scammers can also file false tax
reports, remove funds from your financial accounts, and even open
a bank account in your name.
The goal of the con is to leave you little time to think before
responding. Phishing email appears to be urgent in nature. It often
includes authentic-looking logos and links to "real" businesses
such as AOL, PayPal, BestBuy, Earthlink and eBay. It may state
that "for security purposes" you need to immediately update or
validate your account information to keep your account active.
How to Avoid Taking the Bait
This dangerous attack has become the largest source of identity
theft today. The number of reported phishing web sites grew 30
percent from October 2004 through May 2005. Because NIH email addresses
are public, you can expect to be a target. Your best defense is
- Be suspicious of any email with urgent requests for your financial
- Know that reputable businesses never send email asking you
to update their files via the web. If you receive such a request,
call the company to verify it. However, do not use any phone
numbers contained in the suspect email because they may be false
and part of the scam.
- When you submit personal information over the web, be sure
you are sending it to a secure site and that the web address
starts with https:// (an "s" on the end), not http://.
- Beware of messages with poor spelling and grammar.
- Scammers will alter legitimate web site addresses (otherwise
known as a URL — universal resource locator) by substituting
characters that look like others (using zero instead of the letter "O").
The longer the address, the easier it is to disguise the changes.
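
The link warning signs in the list above (no https://, look-alike characters, long addresses) plus a bare numeric host can also be checked automatically, for instance by a mail filter. The Python below is an added example, not part of the original NIH article: the brand domains follow the businesses the article names, while the look-alike table, the 75-character length threshold and all sample URLs are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Domains of the businesses named in the article (assumed spellings).
KNOWN_DOMAINS = {"aol.com", "paypal.com", "bestbuy.com", "earthlink.net", "ebay.com"}

# Digit -> letter it imitates. Constructed table, not exhaustive.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

LONG_URL = 75  # assumed threshold; the article only says longer is riskier


def registered_domain(host):
    """Naive last-two-labels domain; real tools use the Public Suffix List."""
    return ".".join(host.rstrip(".").split(".")[-2:])


def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def url_red_flags(url):
    """Return the list of warning signs found in one link."""
    flags = []
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        flags.append("not-https")
    if is_ip(host):
        flags.append("raw-ip-host")  # a number where a company name should be
    else:
        domain = registered_domain(host)
        if domain not in KNOWN_DOMAINS:
            normalized = domain.translate(LOOKALIKES)
            brands = {d.split(".")[0] for d in KNOWN_DOMAINS}
            if normalized in KNOWN_DOMAINS:
                flags.append("lookalike-of:" + normalized)
            elif brands & set(host.split(".")):
                # brand name used as a label under an unrelated domain
                flags.append("brand-in-subdomain")
    if len(url) > LONG_URL:
        flags.append("long-url")
    return flags


if __name__ == "__main__":
    for sample in ("https://www.paypal.com/signin", "http://www.paypa1.com/update"):
        print(sample, url_red_flags(sample))
```

An empty result only means none of these particular signs were found; it does not prove a link is safe.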
If You Think You've Been "Hooked"
- Immediately place fraud alerts with the three major credit
reporting companies. This will protect your credit should your
identity be stolen. You may contact them at:
- Equifax — http://www.equifax.com/
- Experian — http://www.experian.com/
- TransUnion — http://www.transunion.com/
- If you provided your bank account or credit-card number, call
the institutions, report the fraud, cancel the account(s) and
open a new account.
It's a good idea to regularly review your credit report at the
three major credit bureaus. Identity theft can occur in many ways,
not just from a "phishing" trip. If you have been victimized, "new" credit
card accounts may appear.
If you receive a suspected phishing email at NIH, forward the
email to the NIH Help Desk: email@example.com, http://ithelpdesk.nih.gov,
phone (301) 496-4357, (866) 319-4357 (toll free) or (301) 496-8294
(TTY). Once notified, NIH IT staff will attempt to block these
emails and malicious web sites. Visit http://securitynews.nih.gov/phishing_alert.doc for
more advice on phishing.
Would you respond to the email below?
Other than changing the name to “BankUTrust,” this
is an actual phishing email that was recently received at NIH.
From: BankUTrust [mailto:firstname.lastname@example.org]
Sent: Monday, July 11, 2005 6:47 AM
Subject: Account Update
Account Info Verification
Dear BankUTrust holder account,
As part of our security measures, we regularly screen activity
in our BankUTrust network. We recently noticed the following
issue on your account: A recent review of your account determined
that we require some additional information from you in order
to provide you with secure service. Case ID Number: PP-065-617-349.
For your protection, we have limited access to your account
until additional security measures can be completed. We apologize
for any inconvenience this may cause. Please update your
BankUTrust account to restore your access as soon as possible.
You must click the link below and fill in the form on the
following page to complete the verification process.
Click here to update your account http://220.127.116.11/gerewjrewiprjewrewirjewrewjrewprj
eworjewrjpjdsadiahdaidhj adhuiorijrewrewjrrewrewopod sadanewqeopkdaewjopkafasijda
In accordance with BankUTrust User Agreement, your account
access will remain limited until the issue has been resolved.
Unfortunately, if access to your account remains limited
for an extended period of time, it may result in further
limitations or eventual account closure. We encourage you
to update your BankUTrust account as soon as possible to
help avoid this. We thank you for your prompt attention to
this matter. Please understand that this is a security measure
intended to help protect you and your account.
We apologize for any inconvenience.
Sincerely, BankUTrust Account Review Department
Please do not reply to this e-mail.