Beware of Phishing E-Mails!

Universities and large corporations are frequent targets of spam “phishing” attacks.  “Phishing” involves sending deceptive e-mails with the intent of tricking people into providing personal information, such as usernames, passwords, social security numbers, birth dates, bank account numbers, or other private data. 

In cases where a password was provided, the spammer often changes the person’s e-mail settings and sends more spam messages which appear to have been sent by that person.  Providing your private information can make you a victim of identity theft, as the offender can use your private data to access your personal accounts!  Computer viruses can also be spread by clicking on a link in a spam message.

Spammers typically target our student e-mail system, but phishing messages have also been sent to faculty/staff e-mail addresses.  Phishing messages are often designed to look like they came from an Administrator, a HelpDesk, or from another reputable technology source.  Remember: The CTC will NEVER ask you to provide private information in an e-mail.  Again, we will NEVER ask you to e-mail us a password, social security number, or other private data.

When FHSU administrators detect that an FHSU account is either sending spam or has responded to a known phishing message, we take immediate action to suspend access to the affected account.  Then we attempt to contact the owner of the account to remedy the situation. 

Although our systems block a great deal of spam, new tactics are used every day and some of these messages cannot be effectively blocked.  Therefore, the best way to prevent and avoid further spam and phishing attacks from affecting our users is to encourage YOU to follow wise e-mail practices.  First and foremost, make it a rule NEVER to provide sensitive private information via e-mail to anyone, even if it appears to be a legitimate request!  A quick phone call to verify the request is all it takes to avoid becoming a phishing victim.

If you've become a victim of a phishing scam, take immediate action to:

  1. Notify your email administrator or HelpDesk.
  2. Set a new, secure password.
  3. Change your security answers.  DO NOT USE correct answers to challenge questions that can be answered by searching genealogy sites.
  4. Check ALL settings in your account, such as name, reply to, signature line information, etc...

If your account is repeatedly compromised (for example, if spam is sent from your account after you have reset your password):

  1. Use a different computer to complete the steps listed above.
  2. Clear the cache in your browsers.
  3. Scan your computer for viruses/malware.

NOTE:  Accounts experiencing multiple unresolved situations may be permanently disabled. View Unacceptable System Activity Statement.



For additional information about e-mail safety, see:

Back to top