Recent Phishing Attempts
July 2, 2012
SCS Computing Facilities has received several reports of phishing emails that appear to be targeting cs.cmu.edu users. We have taken the appropriate measures to respond to these reports.
If you received one of these messages, please do not reply to it. You may simply delete it.
Communications from SCS Computing Facilities will come from firstname.lastname@example.org. If you receive email about your SCS account from some other email address, it has been forged.
SCS Computing Facilities will not ask for your password. We will not ask you for your password via email, on the phone or in-person. If you receive an email requesting your SCS password, it has been forged.
Characteristics of Phishing Email
Phishing emails generally have one or more of the following characteristics:
- Urgency - These messages indicate that unless you perform the actions specified immediately or within a certain time period, you will be denied access.
- Offsite Email Address - These messages indicate that your reply should go to a non cmu.edu email address.
- Offsite URL - These messages contain a link to an offsite page where you are asked to supply information about your account.
- Sensitive Information Request - These messages request sensitive information like your username, password or contact information.
- Attachments - These messages request that you open or use attachments to provide information about your account.
- Spelling and grammar mistakes - Phishing emails tend to have more mistakes in spelling and grammar than legitimate emails.
If you receive an email with one or more of these characteristics, it may be a phishing attempt.
Please contact email@example.com or call the SCS Help Desk (x8-4231) if you have questions or concerns about whether a message you received is part of a phishing attempt or not.
Thank you for your attention,
SCS Help Desk