Be Alert for Phishing Email

October 29, 2012 in Uncategorized | Permalink

Phishing emails are emails that appear to be from a trusted source but are malicious in intent. They are designed to obtain sensitive information from the user such as user names and passwords. Please pay very close attention to any email that requests you respond with your user name and password or provides a link to an outside website asking you to login with  your user name and password.

SCAD Information Management and Technology representatives will never ask you for a password. We will also send out advance notification through the SCAD Message system of any new systems that will be available for the SCAD community.

Please see the example below of Phishing email.

 

Please note there are several items in this email that serve as clues to its lack of authenticity. The email address it’s from does look valid (always check this first, often there will be one letter difference in the address such as info@scrad.edu). There are, however, several spelling and grammar issues in the email itself. Notice that the signature line includes not only a spelling error but an incorrect SCAD phone number. These are just a few examples of items to look for if you suspect that an email may be malicious.

If you have received a phishing email and mistakenly replied with your user name and password or clicked on a link and entered your user name and password, you will want to change your password immediately. To change your password, go to https://web-ssl-1.scad.edu/changepass/ or log into MySCAD and go to the MyInfo tab. You will then click on the link to Change Network/Email Password in the My Personal Info channel. Please remember this is only changing your Network/Email password and is not changing your MySCAD password. If you use this same user name and password for any other SCAD account or personal account, you will want to change those immediately as well. Once you have changed your password, call the Technology Support Center at 912-525-4567 to see if there are any other steps that need to be taken.

If you receive a suspicious email please forward that to techsupport@scad.edu. If you have general information security questions on best office/workflow-related practices, on defining what types of information are considered sensitive, or if you have a business process that involves emailing social security or credit card numbers, contact infosec@scad.edu.