E-mail Phishing Scams
- Thuc Phung
- Daryl Olin
Many colleges and universities have been the target of email phishing scams which attempt to trick students, faculty and staff into giving away personal information that can be used to access email and personal bank accounts. These scams typically contain sensitive email subjects and may ask you to reply to the message via email or phone with some of the following information:
- Username
- Password
- Account number
- Birth date
- Social Security
- Credit card expiration date
- Credit card pin
Universities and financial institutions never ask for personal account information via email. In addition, the SU ITS will never ask for your password via email. Any email communication or unsolicited web form asking for this type of information should be closed and deleted.
It is a good practice to remember that email is an insecure form of communication. Email systems cannot verify that the sender in the "From:" line is the actual sender of a message. Unless you are expecting a message from a sender, you should be aware of the insecurities that exist regarding incoming emails.
When in doubt, e-mail archit@syr.edu.
Central Security Team can also be reached via ITsecurity@listserv.syr.edu or call 315-443-2677.