Texas Tech University

Scams – Spam, Phishing, Spoofing and Pharming

Cyber criminals exploit people and steal confidential and sensitive information through various email-based strategies. Beware of the following:

Spam is unsolicited email, instant messages, or social media messages. These messages are fairly easy to spot and can be damaging if you open or respond.

Phishing is an email sent from an Internet criminal disguised as an email from a legitimate, trustworthy source. The message is meant to lure you into revealing sensitive or confidential information.

Spear Phishing occurs when criminals obtain information about you from websites or social networking sites, and customize a phishing scheme to you.

Spoofing describes a criminal who impersonates another individual or organization, with the intent to gather personal or business information.

Pharming is a malicious website that resembles a legitimate website, used to gather usernames and passwords.

Clues to help you recognize a phishing scam

  • Requests for your username and/or password – credible institutions and organizations will not request personal information via email
  • Time sensitive threats (e.g., your account will be closed if you do not respond immediately)
  • Spelling and grammar mistakes
  • Vague or missing information in the “from” field or email signature
  • “To” field contains multiple random email address or is alphabetized
  • Impersonal or awkward greetings, such as “Dear Mr. account holder”
  • Unexpected files or downloads
  • Links that don't refer to the sender or sender's organization
  • Emails about accounts that you don't have, such as eBay or PayPal, or banks that you don't have accounts with
  • Emails “from” celebrities
  • Asks you to reply in order to “opt out” of a service or
  • Plays on human emotions to evoke sympathy, kindness, fear, worry, anxiety, or excitement