Last week a large number of IU/IUPUI students, staff, and faculty members received an email stating that their Outlook account had exceeded its storage quota. Recipients were instructed to click on a link in the email to upgrade their mailbox for continual usage. While many of us receive messages like this on a regular basis, this one may have fooled more people than usual, because it appeared as if it was from a real IU employee.
Do you know how to identify a fake email? Here are a few pointers from the Security Office:
- No one at IU should ask for your university passphrase or login credentials by email or over the phone.
- If you get an email or pop-up message that asks for personal or financial information, don’t reply — and don’t click on the link or call the number provided, either (instead use official contact details).
- Use anti-virus and anti-spyware software, plus a firewall, and update them all regularly.
- Never email passphrases, personal, or financial information.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
- Never click on a link in an email whose author you do not know.
If you get an email that looks like it came from IU but asks for sensitive info, report it immediately to the University Information Policy Office at firstname.lastname@example.org or contact the Support Center. Please be sure to include the full email headers (for details, see the IU Knowledge Base).
Learn how not to get hooked by phishing scams — and what to do if you accidentally provide info to scammers — at Protect IU.