Security (or lack of it) on the Internet
The modern age of surfing the internet has produced many ways for unwanted email (spam) to get to you. Some are annoying by sending you unwanted information about a product being sold, but others more recently are highly invasive with potential of identity theft and fraudulent financial scams.
Spam
Any unsolicited (and usually commercial advertising) email is spam. However, this is very subjective. What might be "spam" to some, might be considered research to another. Spam sent to @hawaii.edu addresses is managed by Google's robust spam filter. Email messages that the filter deems highly likely to be spam will not be delivered to your mailbox and instead placed in the folder labeled "Spam" (or "Gmail/Spam" if using a mail client). More information is available at the Spam at the University of Hawaii article.
To minimize the amount of spam that you receive (information taken from the Federal Trade Commission):
- Try not to display your email address in public, such as on websites, newsgroups, and your online service's membership directory.
- Check the privacy policy when you submit your address to a website.
- Read and understand the entire form before you transmit personal information through a website.
- Decide if you want to use two email addresses - one for personal messages and the other for newsgroups and chat rooms.
- Use an email filter.
Phishing
Phishing (pronounced "fishing") is an Internet scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information. The messages appear to be from legitimate organizations such as banks, credit unions, and online shopping sites asking you to verify your personal information. Generally, these messages state that if you do not update or verify your information, your account will be canceled or deleted. The intent will be to use your credit card or financial accounts for their personal purposes, leaving you with the bills and highly time-consuming job of sorting out a bad credit rating.
To avoid getting hooked by a phishing scam:
NEVER respond to these types of email by clicking on the web link in the email message and entering your personal information, and DON'T reply to the message either.
These are the guidelines from the Federal Trade Commission:
- If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don't ask for this information via email.
- Don't email personal or financial information.
- Review credit card and bank account statements as soon as you receive them.
- Use anti-virus software and keep it up to date.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
What to do...
If you obtain spam from an @hawaii.edu account, you can report it to uhabuse@hawaii.edu.
If it's not from an @hawaii.edu account:
- report suspicious activity to the Federal Trade Commission (FTC) at https://reportfraud.ftc.gov/#/ or 1-877-382-4357.
- If you get spam that is phishing for information, forward it to spam@uce.gov.
- If you believe you've been scammed, file your complaint at https://reportfraud.ftc.gov/#/, then visit the FTC's Identity Theft Web site at https://www.identitytheft.gov/#/Steps to learn how to minimize your risk of damage from ID theft.
- If you receive a porn spam (pornography), you can report it to FTC https://reportfraud.ftc.gov/#/. It should also be reported back to the ISP (Internet Service Provider) where the email originated from.
Phishing notification
Please go to http://www.hawaii.edu/its under the Security Alerts section to check for the latest phishing attacks targeting UH usernames.
If you would like to receive phishing notices by email, go to http://www.hawaii.edu/its/notices/index.php and subscribe to our phishing alert email list.
