Principles of protection against fraudulent e-mail

Let's start with the principles; the explanatory comments follow below:

  1. When you receive an e-mail that, on behalf of the system administrators, asks for your login name and password (for example to renew or extend your account), it is almost certainly a fraud.
  2. Don't be trusting, and don't let a serious-looking mail fool you. The first attempts were quite naive, but the fraudsters are improving. Consider the contents of the mail carefully.
  3. Look for the signs of a fraudulent mail (some of them are listed below). If you find any, delete the mail. If the mail is not yet in our list of fraudulent e-mails, the LIANE administrators would appreciate a note.
  4. Investigate the mail. Type its subject into a search engine and search the web for it; you may well find that the fraud is already well known.
  5. If you believe the e-mail might be genuine, verify it from other sources: look at the LIANE pages, the T-UNI newsletter and so on. A real large-scale change affecting user accounts would certainly be announced there, and we would probably use other channels as well (paper mail, notice boards, ...). You can also use an offline channel such as the telephone.
  6. Never click links in the mail; they are bogus. The mail is usually formatted in HTML, and the visible link text differs from the real target: a link that reads www.tul.cz may lead to a completely different server. The target web site may look authentic, because it is easy to make a copy of any existing page. Type the address into your browser manually, pick it from your bookmarks, search for it with Google, or follow links from a trustworthy web site.
  7. Use known addresses only. Does the mail ask you to change your password? Do you trust it? If so, change the password by the same procedure you used for that purpose before. Single-purpose web pages created just for account renewal are about as common as unicorns.
  8. Don't be too shy to ask. If you still think the request is real, don't hesitate to contact the LIANE administrators to verify it. A needless query is far better than handing your login credentials to a fraudster and bringing sanctions on the whole university network. After reading the previous recommendation you will of course not reply to the doubtful mail; find the correct e-mail address on the LIANE web or use the phone.
  9. Don't let them pressure you. If the request is real, there will be enough time to react. Don't let the mail push you into a premature decision.
  10. If you have been caught, minimize the damage as fast as possible. Change your password, this time through the correct form. Inform the LIANE administrators by e-mail or phone and ask them how to proceed.

How to recognize a fraudulent e-mail

No software can reliably recognize a fraudulent mail. A program can warn you that the target address appears in some database of known fraud sites, but not much more; the final decision is your responsibility. Here are some typical signs of a fraudulent mail:

  • Language problems. Does the institution use a language other than its native one? Is the author evidently not a native speaker (or even a machine translator)? Then it is a fraud.
  • Fake links. Move your mouse cursor over each link in the e-mail, but don't click. Your mail client shows the real target address of the link (usually in the status line at the bottom of the window). If it differs from the address visible in the mail, it is a fraud.
  • A request to send credentials by e-mail. E-mail is not encrypted, and nobody serious would ask you to send credentials by e-mail. If the mail asks you to reply with an account name and a password, it is a fraud.
  • In our particular case, the mail uses HTML format (formatting, images etc.). The LIANE administrators send all mail as plain text without HTML formatting.

If a mail shows any of these signs, it is certainly a phishing attempt. Unfortunately, the absence of all of them does not mean that the mail is genuine. Use the recommendations above to decide.
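The fake-link check (principle 6 above and the "Fake links" sign) and the HTML-format sign can be automated for anyone who handles suspicious mail in bulk. The following Python script is an added example for this page, not LIANE's own tooling: it parses a raw message, reports whether it has an HTML part, lists the real target host of every link (what hovering over the link would show), and flags anchors whose visible text names one host while the href points to another. The sample message, including the hosts account-check.example and 198.51.100.7, is constructed for the demonstration. The decision still rests with the reader; the script only surfaces the real targets.

```python
"""List the real target of every link in an e-mail and flag anchors whose
visible text names a host other than the one the href really leads to.

Added example for this page, not LIANE's tooling. The sample message is
constructed; account-check.example and 198.51.100.7 are illustrative only.
"""
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: the first HTML link shows www.tul.cz but leads to a
# look-alike host, the second is honest, the third hides a raw IP address
# behind a text label.
SAMPLE_EML = b"""\
From: "Account Service" <service@account-check.example>
To: user@tul.cz
Subject: Your account will be suspended
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Confirm your account at www.tul.cz within 24 hours.
--b1
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Confirm your account at
<a href="http://www.tul.cz.account-check.example/login">www.tul.cz</a>
within 24 hours.</p>
<p>Help: <a href="https://www.tul.cz/">https://www.tul.cz/</a></p>
<p><a href="http://198.51.100.7/renew">Renew now</a></p>
</body></html>
--b1--
"""

# Visible text that itself looks like an address (host name or URL) and can
# therefore be compared with the real target.
ADDRESS_LIKE = re.compile(r"(?:https?://)?[A-Za-z0-9.-]+\.[A-Za-z]{2,}(?:[/:?#]\S*)?")


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML part."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(address):
    """Lower-cased host named by a URL or bare host text; None if unparsable.
    urlsplit also defeats the user@host trick: in
    http://www.tul.cz@evil.example/ the host is evil.example."""
    if "://" not in address:
        address = "http://" + address
    try:
        return urlsplit(address).hostname
    except ValueError:
        return None


def judge_link(href, text):
    """Compare the visible text of a link with its real target host."""
    real = host_of(href)
    if not ADDRESS_LIKE.fullmatch(text):
        return "check"        # text is a label: read the real host yourself
    shown = host_of(text)
    if real and shown and (real == shown or real.endswith("." + shown)):
        return "ok"           # same host, or a subdomain of the shown one
    return "MISMATCH"         # what you see is not where you would go


def analyze(raw_message):
    """Return whether the mail has an HTML part and a verdict for each link."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    html_parts = [p for p in msg.walk() if p.get_content_type() == "text/html"]
    links = []
    for part in html_parts:
        collector = LinkCollector()
        collector.feed(part.get_content())
        for href, text in collector.links:
            links.append({"text": text, "href": href,
                          "real_host": host_of(href),
                          "verdict": judge_link(href, text)})
    return {"is_html": bool(html_parts), "links": links}


if __name__ == "__main__":
    report = analyze(SAMPLE_EML)
    print("HTML formatted:", report["is_html"])
    for link in report["links"]:
        print(f'{link["verdict"]:9} shown={link["text"]!r:24} real={link["real_host"]}')
```

Run as a script, it prints the real host next to the visible text of every link. A "check" verdict means the link text is a label rather than an address, so only the real host tells you where it goes; a link whose real host is a bare IP address deserves the same suspicion as a mismatch.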

What is phishing

Phishing is an attempt to lure confidential data out of users under the pretext of some unusual operation. Phishing e-mails inform users about a system reconstruction, an account renewal or (paradoxically) the deployment of new security measures, and ask for private information: passwords, credit card numbers, bank account details etc. If the user provides the information, it is misused to send spam, steal money or for other illegal activity.

Your brain is your only protection. Think twice before you provide your credentials.