What is Internet Fraud?
Internet fraud is a serious problem that you will face both at work and at home. Criminals use a variety of methods to try and obtain sensitive information such as your CWID and password, Social Security Number, and credit card information, which can then be used to cause data breaches and perpetrate identity theft and other nefarious and illegal behavior.
The methods used to perpetrate Internet fraud are constantly evolving, so it is important for you to educate yourself and others on how to protect your sensitive information. The Cornell University security group has published a site that goes into details on these main points:
- Don't fall for phishing
- Don't click on email web links
- Watch out for scams trying to steal your money
How can I tell if an email is fake?
- The email ends up in your Spam folder.
- Do not click on any links or respond to any suspicious emails that are automatically filtered by ITS to your email spam folder.
- The message is from a suspicious email address, or contains strange content.
- If the sender's email address is not med.cornell.edu, you should treat it with suspicion. Phishing scams can even "spoof," or impersonate, a colleague's WCM address, making odd requests for information, like financial data. Even if the message comes from someone you know or interact with regularly, report any suspicious content to ITS. We can verify the authenticity of the message if you forward the message as an attachment to email@example.com.
- The message content does not follow ITS format or is poorly written.
- ITS emails follow a specific format are will rarely deviate from it. For example, any official announcement from ITS typically contains the following items: Who is this message for? What is changing? How will this affect you? and Questions? Feedback? Likewise, if there are multiple grammar errors, misspellings and other errors that look suspicious, it is probably a fraudulent email.
- The message asks for personal or confidential information.
- A dead giveaway is if the message contains what appears to an urgent message and asks for your CWID, password, credit card number, or other confidential information. ITS will never ask for these things in an email message or web form, and does not shut off IT services if you withhold this type of information.
- You're asked to click on suspicious links or open attachments.
- You can always hover your cursor over a link and see the URL if you want to verify where you will be directed. If you get an email from an external sender, you'll notice URLs are rewritten by our Proofpoint security system. Still, that doesn't mean you should click on a link if it looks suspicious. By clicking a malicious link, you may be directed to a site that looks like a WCM login page asking for credentials, malware could be downloaded to your computer, or you may be prompted to download a file (always click No). Also, never open attachments with strange file names or extensions (like .exe), or attachments that were unexpected. Always verify links and attachments with ITS if you have any doubts about their authenticity.
The Cornell University security site has a "phish bowl" with examples of phishing emails.
Can I report a suspicious email to ITS?
Yes - please forward the email as an attachment to firstname.lastname@example.org and it will be added to a list of messages to be blocked. Note that anyone at the college is subject to phishing, so if you are even remotely suspicious of an email, it's best to err on the side of caution and report it to ITS for further investigation.
What if I already clicked links in a suspicious email?
If you clicked on a link in a suspicious email, close your browser immediately. Do not open any files if you downloaded them from the link. Report the message and the incident to the Service Desk right away. If you attempted to log into a site that you thought was authentic and it looks suspicious, you should immediately change your account password if you are on the campus network, or call the Service Desk at 212-746-4878 for assistance.
I’m having difficulty with a link that Proofpoint has rewritten. Is there any way to restore it?
Yes! Just copy and paste the rewritten URL into the Proofpoint URL Decoder and you’ll be given the original URL. Please remember to use caution in visiting the link if you’re unsure of its origin.
Download our phishing flyers
Keep one of our phishing flyers at your desk by downloading and printing it.