Watch out for email scams - don't get phished!

Phishing is the common name for email scams that try to trick you into giving up your account information.  The scam emails usually try to scare you by saying your account will be deleted, canceled, or terminated, or that you will lose data if you don't log in to the website.  When you click on the link, the scam website usually looks similar to a legitimate website and asks for your account information.

If you enter your account information on a scam website, you are giving the scammer full access to your Wellesley account, not just your email.  While they seem to be only using the accounts to send more spam, if they have access to your account, they have access to the following:
  • Your MyWellesley account, which includes salary info, pay stubs, tax information, health information.
  • Your Google Apps account, from which they can download your email, contacts, and files in Drive and scan them for personal information.
  • Accounts set up using your Wellesley account will now be accessible to them too.  They look for common popular sites such as Amazon, online banking info, and online credit card info.
  • If you used the same password on other sites, those sites are now compromised too.  Never use the same password twice!

Recent phishing scams

This scam used an email that said your email quota was going to change.  Gmail is unlimited and doesn't have a quota.  If you clicked on the link you'd see that the website is not a secure site (no lock icon next to the website address), does not go to a gmail.com or google.com website, has poor grammar, and the Cancel button is spelled wrong.

[Images: phishing scam email; phishing scam website]

In the scam below, the email says your account will be deleted or shut down if you don't visit a website and log in within 24 hours.  LTS would never disable, delete, or shut down an account in such a manner.  We only do that when a faculty or staff member leaves the College, or at the end of a semester for non-matriculated students (cross-registered, etc.).

[Images: two phishing scam emails]

 

If you had clicked on the Cancel Account button in the phishing scam email above, you would have been sent to a scam website that is very similar to an actual Google login website.  They copy the Google login pages almost exactly, so you have to be very careful when looking at the website.

In this example, the scam website lists "data:" as the address, whereas the actual Google login page is on google.com and has a green lock icon next to it. Wellesley websites that ask you to log in will include "Wellesley College" next to the lock icon.

Scam website

Actual Google website


A few general rules about emails from Library & Technology Services:

  • They ALWAYS address you by your name.
    • We would never send an email that started with "Hey User"
  • They ALWAYS have a staff member's name in the signature.
    • We would NEVER send an email from "Accounts Department INC"
  • Websites that ask for account info will ALWAYS have a lock icon next to the website.
    • Scam websites won't have the lock icon and won't be familiar website names.

How to Spot a Phishing Scam

  • It asks for your username and password (we will never ask you for your password!)
  • It points you to a weird-looking website address (such as accountassociates.com or thisguyswebsite.org), and not our websites.
    • Only use your Wellesley account on websites that start with wellesley.edu or google.com
  • It isn’t signed by a staff member from Library & Technology Services
  • It says something scary, such as deleting, cancelling, terminating, or disabling your account.
    • Your account will only be disabled if your status at the College changes. 
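The address rules above (a lock icon, meaning https; only wellesley.edu or google.com; never a "data:" address) can be written as a small link check. This is an added example, not part of the original page or an LTS tool; it assumes the rule means the host is wellesley.edu, google.com, or a subdomain of one of them, and the function name is hypothetical.

```python
from urllib.parse import urlsplit

# Domains the page names as the only places to enter a Wellesley login.
TRUSTED_DOMAINS = ("wellesley.edu", "google.com")


def check_login_link(url: str) -> list[str]:
    """Return the reasons a link fails the page's rules (empty list = passes)."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return ["address could not be parsed"]
    scheme = parts.scheme.lower()

    if scheme == "data":
        # The scam page in the example above showed "data:" as its address.
        return ["data: address, not a website on wellesley.edu or google.com"]

    reasons = []
    if scheme != "https":
        reasons.append(f"not a secure (https) address: scheme is {scheme or 'missing'!r}")

    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        reasons.append("no host name in the address")
    elif not any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        # Compare whole labels from the right, so a host that merely
        # contains "google.com" somewhere in its name does not pass.
        reasons.append(f"host {host!r} is not under wellesley.edu or google.com")
    return reasons


if __name__ == "__main__":
    # Constructed sample links; the two scam host names are the page's examples.
    for link in ("https://accounts.google.com/ServiceLogin",
                 "https://www.wellesley.edu/lts",
                 "http://accountassociates.com/login",
                 "https://google.com.thisguyswebsite.org/",
                 "data:text/html,example"):
        print(link, "->", check_login_link(link) or "passes")
```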

 

Steps to avoid being phished 

  • Never respond to emails or pop-up messages that request personal or financial information
  • Be cautious about opening attachments or downloading files from emails you receive
  • Use anti-virus and anti-spyware software and keep them updated
  • Monitor your credit card and bank accounts regularly
  • Confirm that the website you are visiting is secure (URL begins with "https://" and site has a padlock icon in the browser window)

How to report an email phishing scam

If you think you have received an email phishing scam, here are some things you can do:

Quickly report it to the Help Desk:

  1. Forward the email to helpdesk@wellesley.edu
  2. DO NOT click on any of the links or reply to the email until you get a response from the Help Desk.
  3. The Help Desk will respond during their normal hours.

Report additional details of the email to the Help Desk:

  1. When viewing the phishing scam email, next to the reply button on the left, there is a small button with a triangle pointing down on it.  Click on that and select Show Original.
  2. You should now get a new tab that has a lot of text that includes detailed information about the email.  Copy all of the text by pressing Control-A (Windows) or Command-A (Mac OS X) to select all of the text, then right-click on the highlighted text and select Copy (or press Control-C / Command-C).
  3. Create a new email to helpdesk@wellesley.edu, with the subject "Possible phishing scam?" and in the body of the email, right-click and select Paste (or Control-V / Command-V).  This should paste the information from the Show Original window into the email. You can now send the email to the Help Desk and they will investigate it.
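What the pasted Show Original text lets the Help Desk check, as an added example (not an LTS tool, and not from the original page): it reads the standard message headers and flags a Reply-To or Return-Path domain that differs from the From domain, plus any SPF/DKIM/DMARC result other than "pass". The sample message, its addresses and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Constructed sample of the text Show Original produces (not a real message).
SAMPLE_ORIGINAL = """\
Return-Path: <bounce@accountassociates.com>
Received: from mail.accountassociates.com (mail.accountassociates.com [192.0.2.10])
        by mx.example.net with ESMTP id abc123
Authentication-Results: mx.example.net;
       spf=fail smtp.mailfrom=accountassociates.com;
       dkim=none
From: "Accounts Department INC" <accounts@accountassociates.com>
Reply-To: accounts@thisguyswebsite.org
Subject: Your account will be deleted in 24 hours
To: student@wellesley.edu

Hey User, login within 24 hours or your account will be deleted.
"""


def domain_of(header_value):
    """Domain part of the address in a header, lower-cased ('' if absent)."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def summarize_original(raw_text):
    """Pull the fields a help desk looks at first out of pasted Show Original text."""
    msg = message_from_string(raw_text)
    auth = " ".join(msg.get_all("Authentication-Results", []))
    summary = {
        "from_domain": domain_of(msg["From"]),
        "reply_to_domain": domain_of(msg["Reply-To"]),
        "return_path_domain": domain_of(msg["Return-Path"]),
        "received_hops": len(msg.get_all("Received", [])),
        # spf=/dkim=/dmarc= verdicts recorded by the receiving server, if any
        "auth": dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth)),
    }
    flags = []
    for field in ("reply_to_domain", "return_path_domain"):
        if summary[field] and summary[field] != summary["from_domain"]:
            flags.append(f"{field} differs from From domain")
    flags += [f"{k}={v}" for k, v in summary["auth"].items() if v != "pass"]
    summary["flags"] = flags
    return summary
```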

Report the phishing scam email to Google.

  1. When viewing the phishing email, click on the down triangle and click Report Phishing.
  2. You will then be asked if this really is a phishing scam. Click Yes.  
  3. This will report the phishing email to Google and put the email into your Spam folder.


Get more tips from OnGuardOnline.gov

For more information about phishing go to: www.antiphishing.org