Search:     Advanced search
Browse by category:

Protect your SU account and personal information from scams

If you have replied to an e-mail that you suspect is a scam, and you sent your SU username and password in the reply, change your password immediately. You can do this yourself at http :// Alternatively, you can call the SU Help Desk (x7333, hours 8AM-5PM M-F) or come by ITS with your SU ID.

Be cautious when you receive an e-mail asking you to reply with any type of personal information, including (but not limited to) a username or password. While the appearance of the e-mail may at first glance look legitimate, take the time to inspect it closer. You may find numerous misspelled words, awkward language, references to services that do not exist, or other little things that seem out of the ordinary.

You should always question the provenance and authenticity of such e-mails. Please note, however, that simply receiving a scam e-mail is not typically enough to compromise personal information. If you are unsure if an e-mail is legitimate, call the SU Help Desk or come by ITS with any questions.

Notice below some interesting features (in bold) of a phishing e-mail that was sent to the SU community recently. The subject itself is cryptic, the reply-to address is not even an SU e-mail address, and the recipient list has been blocked. Be wary of language that warns of closing your account or deleting your personal information without a reply. Notice also that there is no “Southwestern messaging center,” and that the phrase “Thank you for using Southwestern!” makes no sense.

Date: Mon, 31 Mar 2008 15:22:14 +0200 (CEST)
To: undisclosed-recipients: ;

Dear E-mail Owner,

To prevent your account from closing you will have to update it below so
that we will know that it’s a present used account.

E-mail Username : ……… …..
E-mail Password : ……………

This message is from Southwestern messaging center

Thank you for using Southwestern!
Warning Code:VX2G99AAJ

Southwestern Team

Recently, other universities have been the target of a similar e-mail scam. You can read about them here:

Illinois State University:
Queen’s University:
University of Victoria:

Take a minute to educate yourself about online scams:

Anti-Phishing Working Group
“The Anti-Phishing Working Group (APWG) is the global pan-industrial and law enforcement association focused on eliminating the fraud and identity theft that result from phishing, pharming and email spoofing of all types.”

Microsoft, “Recognizing Phishing Scams and Fraudulent/Hoax E-mails - Microsoft Security”
Microsoft has outlined some common features of fraudulent e-mails, including misspellings, incorrect grammar, using legitimate-looking graphics, and URL spoofing.

OnGuard Online
A website maintained by U.S. federal agencies (FTC, Homeland Security, SEC, et c.) that provides information about electronic identity theft, phishing scams, and malware so that you can learn how to protect yourself from these threats.

Others in this Category
document What are the dangers of file sharing and copyright infringement?
document What are the legal consequences of copyright violations?
document How to Disable Sharing in Popular P2P Clients
document Do I need to buy an anti-virus and anti-spyware program for the computer I am buying?
document I've tried installing Sophos unsuccessfully on my Windows XP computer.
document Sophos installer did not work. What should I do?
document Sophos Anti-Virus for Windows 2000/XP/Vista/7
document Sophos Anti-Virus for Mac OS X 10.4/10.5/10.6/10/7 (Universal)
document E-mail headers, how to turn them on, why they are useful, and how they can help you reduce SPAM
document Sophos Anti-Virus for Linux
document Spam - What is It and What Can I Do?
document E-mail scams - gone phishing