(pronounced the same as "fishing")
is a practice of some computer criminals (here we'll call them "phishers").
A phisher sends out emails that are designed to trick the recipients into
divulging sensitive information, such as Social Security Number, credit card
numbers, bank account numbers, or passwords.
Learn from examples. See our Threats web page
for many samples of past phishing emails received by USC email users.
Phishers have often targeted USC email accounts with their scams, trying to
convince recipients to reveal their email passwords. If even one person out
of thousands falls for the scam, and sends their password, the phisher can
then use that account to send thousands of spam or phishing emails. When major email services (AOL, GMail, Yahoo, Hotmail, etc)
detect spam or phishing e-mails coming from our mail servers, they block us.
Then no USC email accounts can send mail to these destinations until they
remove their block.
University Technology Services (UTS) is responsible for maintaining email
services for most of USC. In response to an increase in phishing attacks, UTS
has implemented the following countermeasures:
- User Awareness Campaign:
The poster shown below is being distributed around campus.
- Phishing Email Tagging:
Phishing e-mails cannot be detected with 100% accuracy through automated
means, and therefore blocking is not feasible. Instead, UTS is now
automatically tagging any suspicious e-mail as "POTENTIAL PHISHING ATTEMPT"
in order to warn the recipient.
UTS is monitoring this email address. Users who receive
phishing emails are encouraged to forward them to this address.