Dear City College Community Member:
This is a reminder to be alert to the innumerable online scams. One of the most prevalent is known as a “phishing” email. These emails are designed to look like legitimate emails originating from your bank, a friend, or even the United States government. However, they are a ruse to persuade you to download malicious software and/or reveal account credentials and personal information that can be used for identity theft.
Phishing emails often direct you to submit sensitive information, threaten to deactivate an account, advise you to change your password or activate or upgrade an account by clicking a link. These schemes also use less alarming ruses, including attaching invoices, taxes, or financial aid forms that contain viruses. Their goal is to compromise the security of your personal computer or smartphone, to harvest your valuable information, and, ultimately, to defraud you and your colleagues, friends and family.
How to Protect Yourself
DO NOT click on the links.
If a suspicious message seems legitimate, contact the originating office by phone (using the phone number on the CCNY directory listing) before responding. Or try opening a new browser window and typing the address directly. Please also notify ITSecurity@ccny.cuny.edu .
If you inadvertently disclose your user ID and password change your password immediately on any and all systems where that password is used. Using your account credentials from one hacked system cyber-criminals may be able to determine your username on other systems. If you use the same password on those systems they too could be compromised.
For more information please read the CUNY Phishing Advisory posted at security.cuny.edu under the CUNY Issued Security Advisories.
In addition, we suggest you complete the 30-minute Security Awareness Course viewable here: http://security.cuny.edu/
Screenshots of Convincing Phishing Emails
Ouch! security newsletter on the topic