This weekend, many people on campus received a fraudulent Email purporting to be from “Account Review” here at Canisius. This was actually sent from off campus, and its purpose was to trick users into revealing their Canisius user name and password so that this criminal enterprise could access our network.
These “phishing” Emails, as they are called, are becoming more and more common on the Internet. As such, here are some techniques you can use to verify that a Web site is legitimate before entering your username and password.
Click on image above for a larger version
1. Look for “https” at the beginning of the address in your browser’s Location Bar. This indicated that you have a “secure” connection, and that the information you are entering is being encrypted on its way to the server.
2. Look for “canisius.edu” in the address. This indicates that the computer is located on the Canisius network and is being maintained by the Canisius College ITS staff.
3. Make sure that there is a lock icon on the border of your Web browser window. This verifies that the site you are talking to is, in fact, what it claims to be. You can double-click on the lock icon for more information about the “certificate” that confirms the site’s identity.
If you have any questions, or if you receive an Email that seems suspicious, please feel free to contact Matthew Gracie, information security administrator, directly at Ext. 8378 or graciem@canisius.edu.
Submitted by: Matthew Gracie, information security administrator, ITS
