Login   |   Secure Purdue > Training

Training

SecurePurdue Training Series Videos Spammy Social Networking Keep Romance Alive Spam Guard

Get Smart KAOS SmartPhone PSA

Get Smart SmartPhone PSA

 

Don't Just Click It!

Click It or Ticket is the most successful seat belt enforcement campaign ever. We want to create an equally successful campaign to caution people from clicking on URL links in emails or Instant Messages (IM) or e-greeting messages sent to you from a friend. Clicking on links in an email or IM can take you to a fraudulent website in an attempt to steal your personal information.

Just like you put your seat belt on before you start your car, think before clicking on a URL link in an email or IM. Do you know the person who sent it? Is the URL really taking you where you believe you are going?

You can learn more about the dangers of indiscriminate clicking by viewing the 2nd place video, titled "Whoa, That's Awkward," in the 2007 Educause Computer Security Awareness Video Contest. The video is available at: http://www.researchchannel.org/securityvideo2007/.

Don't Just Click It! Clicking links in emails and IM's can lead to infection!

How to tell if an email is fraudulent

A suspicious message may contain certain key phrases:

"Click the link below to gain access to your account."
HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony site.

To view the real web address, rest your mouse pointer on the link. The string of cryptic numbers may look nothing like the company's Web address, which is a suspicious sign.

"If you don't respond within 48 hours, your account will be closed."
These messages convey a sense of urgency to entice you into responding immediately without thinking. E-mails might even claim that your response is required because your account has been compromised.

"Dear Valued Customer."
Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name.

Another sure clue that the email is fraudulent is if you have no account with the company that is attempting to contact you.

Install up-to-date antivirus and antispyware software.

Some phishing e-mail contain malicious or unwanted software that can track your activities or simply slow your computer.

Purdue provides free anti-virus software for students, staff, and faculty. For use on non-Purdue owned equipment (Windows machines), students, faculty and staff can download VirusScan Home Edition Software which includes a built-in firewall and anti-spyware options.

VirusScan for Mactel, an anti-virus product for Mac operating systems, is also available.

To download the above software, visit the SecurePurdue Web site at www.purdue.edu/SecurePurdue and click "software downloads."

Unfortunately, not all malicious or unwanted software can be prevented with antivirus or antispyware software. So take precautions to not infect your computer or your network.