Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

Internet hoaxes & scams

There are several types of unwanted and malicious e-mail that one should be on guard against:

  • Viruses: Perhaps purporting to be from someone you know, these e-mail messages contain some type of executable code.
  • Hoaxes: These can take the form of false virus alerts (such as the "Good Times" hoax), chain letters, or attempts to spread false information about some issue (such as warnings that the Federal Goverment is about to tax e-mail).
  • Scams: Examples are the Nigerian 419 scam or attempts to have you visit a particular web site to "confirm your account information".

See our anti-virus documentation for information on how to protect your computer against viruses. This page provides some information on how to protect yourself against internet scams and hoaxes.

Protecting yourself against internet scams

One common type of scam (often called "phishing scams") involves fake e-mail purporting to be from a bank, PayPal, or some other reputable source that asks you to visit a particular web site (usually via a link that is included in the mail) and enter personal information. The e-mail is really from a scammer, and the web site listed in the mail is run by the scammer for the specific purposes of gathering your information and using it for identity theft and other purposes. In many ways, protecting yourself from such internet scams is no different than protecting yourself from scams that do not involve the internet. For example, if someone called you on the phone, said they were from Citibank, and asked your to "confirm" your credit-card information, you would (hopefully) hang up on them. The basic principle is to never provide sensitive information over the phone unless you have initiated the call yourself. Unsolicited e-mail should be treated the same as such unsolicited phone calls. Keep in mind that:

  • It is easy to forge e-mail such that it appears to be from a company and contains company logos and other "evidence" that it is legitimate (you can usually download such logos from the company's own website).
  • It can be very difficult to tell where a link on a web page actually goes to without very careful inspection. So, you do not know if clicking on such a link will take you to the company's real web site.

If you think that the e-mail may really be from your bank or other institution, call their customer service number (which you have gotten from known legitimate documents) to confirm its authenticity. If the mail purports to be from SCS Facilities, contact the SCS Help Desk (x8-4231).

There are many other types of e-mail scams, most of which involve getting "something for nothing". Strangers are as likely to give you large amounts of free money over the internet as they are over the phone or via postal mail. Most such scams at some point lead to you providing money up front or giving bank account or other personal information.

Internet hoaxes

There are numerous chain letters, hoaxes, and other false information floating around the internet. These are not necessarily attempts to swindle you out of money, but they do waste everyone's time. Before passing along some anonymous rumor or dire warning to a mailing list or to your friends, please take steps to confirm its authenticity. Often, simply googling for the subject heading will provide sufficient information. If in doubt, you can contact SCS Facilities to confirm or disconfirm the rumor. Never, ever pass along a chain letter.

Additional information

The following off-site links will open in a new browser window:

How to protect yourself against phishing scams
Federal Trade Commission guidelines on how to not get hooked by a phishing scam.
Sophos virus hoax information
Information about virus-related hoaxes from Sophos
The Nigerial 419 scam
All about those "advance fee" scam letters