Do not respond to phishing attempts

Thursday, October 01, 2009

The University does NOT, under any circumstances, solicit user names and passwords by email. Do NOT, under any circumstances, provide this information in response to any email request.

Dear Colleagues,

Phishing is still alive and well.

The University does NOT, under any circumstances, solicit user names and passwords by email.  Do NOT, under any circumstances, provide this information in response to any email request.

Phishing is the process of attempting to acquire sensitive information by masquerading as a trustworthy entity in an electronic communication.  Once usernames and passwords are provided, usernames and passwords are used by automated processes to launch denial of service attacks, flooding our email services with very high quantities of fraudulent email and doing other damage. 

The most recent phishing attempt forwarded to me is filled with grammatical errors.  However, you should NOT even be attempting to judge the quality of the request.  Delete the email containing a request.  To repeat, the University does NOT, under any circumstances, solicit user names and passwords by email.  
____

Dale Schoenefeld, Ph.D.
Vice President for Information Services & CIO
The University of Tulsa, OK 74104
voice: 918.631.2881 | fax: 918.631.2150
Assistant: 918.631.2352
____

 

Contact:
Computer Security Response Team
csrt@utulsa.edu