November 1, 2004

Google Desktop Search, e-mail frauds prompt warnings

Information Technology Services (ITS) is issuing security advisories warning about a new Google search and about bogus e-mails claiming to be from reputable financial institutions.

Google has recently released a system-indexing tool called "Google Desktop Search." This tool allows for full text search over one's email, computer files, chats, and web pages viewed.

The Google Desktop Search is intended for single-user systems.

Although the program does not make your computer's content accessible to Google or anyone else, there is a risk that unauthorized users can access other user's data if used on multi-user systems, such as in a lab environment or public system.

The Google cache feature allows for all users on the system that the Desktop Search tool is installed on to browse the contents of messages and files it has indexed, irrespective of who is currently logged in.

ITS is also warning of more e-mail frauds.

Computer users are now receiving e-mail that purports to be from financial institutions such as Citibank, Wells Fargo, and PayPal, requesting users to follow a link and submit personal information.

Users who have an account with any of these companies might be tempted to click on the link provided within the e-mails. By doing so and entering the information sought, such as your name, address, birthdate, account numbers, Social Security numbers, and PIN numbers, you will be putting yourself at risk that may result in the draining of your account and/or the start of an identity fraud problem.

Additional details on these problems and other advice on security measures is available on the Information Security web page.

Return to Front Page