Security

Phishing is a technique criminals use to gain their victim’s trust by sending convincing e-mail messages or leaving an official-sounding phone or text message to pose as a legitimate organization – like Dickinson College, a bank, your daughter’s school, or a government agency.  Messages or websites phishing for information might ask you to enter the following information:​

• Usernames and passwords​
• Social Security numbers​
• Bank account numbers​
• PINs (Personal Identification Numbers)​
• Full credit card numbers​
• Your mother’s maiden name​
• Your birthday​

How can you recognize phishing?  It can be really hard!  You can get an email that claims to be from a trusted source like the Dickinson College Help Desk.  The message will claim that your account is in jeopardy somehow unless you …​

• Email your password in a reply.​
• Click on a link to go to a web page that is supposedly the web site of the trusted entity​

NEVER respond to any of these messages, no matter how realistic it might appear. If you respond with the information, then your computer or accounts may be compromised and be used to do harmful things to you or other people.​​

LEARN HOW TO SPOT A PHISH!​

October 2015, LIS will be releasing a Phishing Tutorial and Quiz!  Watch the Dickinson Today for the announcement.​ You can also take the SonicWALL Phishing IQ Test. See how good you are at spotting the phish!

Identity theft occurs when someone uses another person's personal information such as name, Social Security number, driver's license number, credit card number or other identifying information to take on that person's identity in order to commit fraud or other crimes.​

REPORT TO LIS!

If you think you have responded to a phishing message or are a victim of identity theft, do the following:

• Call the Help Desk (x1000 or 717-245-1000), or visit us in the lower level of the Waidner-Spahr Library, for assistance
• Change your Dickinson College account password on the Gateway Login Page here
• Once your password is changed, do the following:
  • Reboot your College-owned computer to log back into it with your new password
  • Re-log into Dickinson WiFi with your new password on any mobile devices you have
  • Re-log into Dickinson email with your new password on any mobile devices you have
• Forward the fraudulent phishing email to phishingalerts@dickinson.edu to report it
• If you entered any financial information or personal account information into a fraudulent site, contact the appropriate financial institution for further advice 

Additional Resources​

• SonicWALL: Phishing IQ Test​
• Stay Safe Online: Spam and Phishing​
• Stay Safe Online: ID Theft, Fraud & Victims of Cybercrime​
• Microsoft: How to recognize phishing messages?​
• CNET: How to recognize phishing e-mails​
• Scientific American: How to Foil “Phishing” Scams​
• Symantec: Social Engineering Fundamentals