In the daily reality hostile elements try to access both personal and business information. Even though the Computation Center uses a number of mailbox protection tools, all university members and students must be aware of the dangers.
Such emails are an attempt to convince you to disclose your bank details, personal information, or login information (username and password). Typical features of such messages include:
• Link to a fraud site
The site can look like the website of your university / bank
• Use scare tactics
Your mail account volume is about to expire
• Financial opportunities like grants / student loans etc.
** Note that in such a case, the sender's address or URL, will never be associated with bgu.ac.il
The e-mail messages try to install malicious software on your computer (for example, computer viruses).They may collect information or try to block access to the computer or information and demand ransoms money to open it.
Malware is usually found in attachments or in a link included within the email that directs you to an infected Web site.
How did the malware come to you?
There are several typical possibilities:
• You visited a malicious site by clicking a link in a phishing message
• Your computer is vulnerable because it is not up to date with security updates for Windows, Java, QuickTime, Flash, Acrobat etc.
• Your computer is vulnerable if you do not have antivirus software or your antivirus software is out-of-date.
• You use a public computer (hotel, internet cafe, public library, etc.) which is infected with a virus that steals your password.
• You respond to phishing - for example, a fake e-mail message that says you need to install XYZ to keep your computer safe, but XYZ is actually malware.
• You use the same password for secure things (like university, internet banking) as you use for less secure things (social networking sites, instant messaging).
• You download software from the Internet that contains a virus (this is quite common with various file sharing software)
These emails usually post something that's hard to get through regular channels.
It's usually easy to detect such messages because of their misspelling, or because of the requirement to distribute them to all your friends – please do not.