XMission's Company Journal

Getting Phished?

Recently, a few dozen of our subscribers received an email claiming to be from XMission that urged them to email their password. This fraudulent, “phishing” email did not come from XMission; unfortunately, it looked authentic enough that a few customers responded.

Obviously, we find emails like this incredibly frustrating. Spam has cost us tremendously in time, money, and network resources, and forces our customers to feel increasingly suspicious of anything in their inbox. Like you, we have all received spam from companies claiming to be eBay, PayPal, our credit union, or even the IRS. Even though XMission successfully filters out the majority of phishing spam, be aware that some still does squeak through.

Many of these emails ask the user to enter information using a fake web address, while others request information via email directly. Spammers send out large numbers of emails betting on the odds that someone with a legitimate account will respond. Usually these emails have an urgent tone or even threaten penalty, suspension, or account closure.

Because of the volume and persistence of this threat, we wanted to share a few reminders from the Federal Trade Commission:

  1. Simply do not reply. If you have concerns about an account, pick up the phone and call the business, or bring up a fresh browser and contact them directly using their website. No legitimate business will ask you for personal information over email.
  2. Scammers can fake anything including “from” addresses, logos, websites, and phone numbers. Even if an email includes a local phone, donĂ­t take it at face value. Call the company using a legitimate number from a trusted source.
  3. Update anti-virus and anti-spyware software regularly. Always use a firewall if you have a high-speed Internet connection.
  4. Do not use insecure websites. Always confirm the security certificates of secure websites.
  5. Review credit card and bank statements as soon as you receive them.
  6. Even if you receive an email from a trusted source, be cautious about opening attachments or downloading files.
  7. Report phishing emails to XMission (, the FTC (, and to the legitimate company being spoofed.
  8. If you have had your information compromised, report it immediately to the FTC, and then visit the identity theft website at:

, , , , , ,

Comments are currently closed.