All About Phishing

PhishingPhishing is

…the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

(Wikipedia definition)

If you receive questionable emails or phone calls of this nature, do not respond. Instead, hang up or delete the message, use the advice below to asses whether the query is fraudulent, or contact the Help Desk for assistance: call (617) 495–7777 or use Get Help on this site.

Visit security.harvard.edu for more information on how to protect yourself from scams.

When evaluating an email you received that you suspect may be phishing, bear in mind that neither HUIT nor any reputable organization (banks, websites, agencies, Government departments) will ever ask you to send your passwords or confidential information in an email or over the phone. For account management, employment issues and the like, HUIT will always direct you to one of a handful of administrative websites whose identity you can verify using your browser’s capabilities:

Recent phishing attacks

Subject Kind Date
IT_ (Help desk)
Fake Login 11/5/2014
+Suspension of Your Email Account
Phishing 6/9/2014
Update your Password
Phishing 1/16/2014
Dear fas.harvard.edu Email Account Owner
Phishing 1/13/2014
Payroll or Open Enrollment
Bank Account request 1/10/2014