systems | Help / Phishing

In General:

Check with UO Phish Tank: UO Phish Tank

If you have any doubt, don't click on URLs - forward *with full email headers* to mailto: phishing@uoregon.edu and mailto: systems@cs.uoregon.edu. Also, This page can help you with sending the full email as an attachment.

Depending on your email client, you can "hover" over a URL to see what the apparent link will actually send you to - beware of unlikely destination URLs

Never give your credentials, any credentials, via a URL in an email without thoroughly vetting that email and webpage
Other than the anti-spam message, we always send CS Systems Staff email in plain-text
If there is a signature on CIS Systems Staff email, it will be our real names
URLs must *match*
You can always get to any of our URLs by checking https://systems.cs.uoregon.edu/ directly

Check with UO Phish Tank: UO Phish Tank

If you fall for phishing, change your credentials as soon as possible -- and all passwords/credentials that you have used since you suspect you have been conned.

If you want to check whether a URL received in an email is a phishing attempt you can check the web site Phishtank.

Sometimes a phishing link is hidden as a tiny URL. You can preview a tiny URL by prepending the host preview to the front of the URL. For example if you have the URL http://tinyurl.com/bbqzvh and you want to see where that points without going to the website, enter this URL instead http://preview.tinyurl.com/bbqzvh.

Again, Report/Forward phishing attempts to: mailto:phishing@uoregon.edu and mailto:systems@cs.uoregon.edu
Be sure to include the entire, raw email.

References

Phishing (Wikipedia)
Anti Phishing Working Group