How to prevent phishing scams

October is National Cyber Security Awareness Month! You can celebrate the month by learning how to prevent phishing scams. Phishing involves cyber criminals sending emails trying to trick you into providing valuable and sensitive data, such as login credentials for a bank account, social network, work account or cloud storage. They usually build a sense of urgency to get you to throw common sense out the window.

For example, at LCC we’ve seen criminals send an email with an encrypted attachment to a victim that only says “Password is 5412.” The ambiguous email implies you should open the attachment and enter the password to get the information. The attachment is malware disguised as an important pdf or work document. Once you open the attachment and enter the password, the malware infects your computer with ransomware. You should never enter a password included in the same email as the attachment – don’t let your curiosity rule you!

The biggest red flag on all these scams is the sender’s email address. Always check to see if an email originated from outside our network, such as from hotmail.com, gmail.com or yahoo.com. Legitimate communication from LCC comes from the lcc.edu domain (although this can also be spoofed). Remember, it’s OK to open emails and read them, but never open attachments or click any links unless you were expecting the email or are confident it is legitimate.

When you receive emails from an unknown sender and/or that appear suspicious, please send them to the LCC Help Desk at lcc1@lcc.edu. We’ll double-check them for validity, and we’ll do it quickly! If you have questions or would like further information, contact the ITS Director of Information Security, Paul Schwartz, at 517-483-5264 or schwarp1@lcc.edu.