Phishing scams are attempts to gain personal information such as credit card, bank account, PIN or social security numbers from the email recipient by appearing to represent a legitimate business. Most of these scams are conducted via e-mail messages that may include a copy of a corporate logo to add a degree of authenticity to the fraudulent request. Further, the phish e-mail may direct you to a Web site that appears identical to a legitimate Web page in order to gain the trust of e-mail recipients and to collect the requested personal information. Once this information is collected, it is used for fraudulent purposes.
In general, reputable companies do not send email messages that request the return of personal information via e-mail or Web form. If you receive an e-mail message requesting personal or account information, it is strongly advised that you use an established telephone number to confirm the authenticity of the message.
In particular, please be aware of recent tsunami-related phishing scams. These are taking the form of e-mail messages from individuals posing as tsunami victims requesting that donations be made directly to their bank accounts, as well as e-mail messages that refer recipients to Web sites that appear to represent known charities to make donations for tsunami victims. If you receive a request via e-mail for donations, you are strongly encouraged to verify the legitimacy of the email originator or to contact a known legitimate relief organization if you wish to make donations.
Additional information about phishing and examples of other recent phishing e-mail messages are available at http://security.ucdavis.edu/101_phishing.cfm. Please send questions about this message or about phishing to firstname.lastname@example.org.
IT Security Coordinator
Office of the Vice Provost
Information and Educational Technology