Skip Navigation

IT Tech Tips: October Security Awareness Month

From IT Group:

In the spirit of October Security Awareness Month, the IT Group would like to remind campus how to identify a phishing email.

Here is a message received on campus just last week. Is it phishing or is it real?

—–Original Message—–
From: motoxrox@clear.net.nz [mailto:motoxrox@clear.net.nz] On Behalf Of abuse@keene.edu
Sent: Wednesday, October 21, 2009 5:42 PM
To: email@keene.edu
Subject: keene.edu Report
keene.edu Report

Your email account has been reported for numerous spam activities from a foreign ip recently. As a result, keene.edu has received advice to suspend your account. However, you might not be the one promoting this Spam, as your email account might have been compromised. To protect your account from sending spam mails, you are to confirm your true ownership of this account by providing your Username () and Password () as a reply to this message. On receipt of the requested information, the keene.edu email support shall block your account from spam. Failure to do this will violate the keene.edu email terms & conditions. This will render your account inactive. NOTE: You will be send a password reset message in next seven (7) working days after undergoing this process for security reasons.
Keene State College - Webmail Access (Powered By gmail).

This is absolutely phishing. In the past year, our educational campaign regarding phishing focused on how to tell a phishing attempt from a legitimate email. Here is a quick list of things to remember or look for:

  • No legitimate institution, including KSC and the KSC IT Group HelpDesk, will ever ask you for personal information through email. There are no exceptions to this. Period!
  • IT Group HelpDesk email will be addressed to the GAL, a specific group (i.e. teaching faculty), or you personally. It will be familiar to you.
  • We will provide you the reason behind our communication (routine maintenance, infrastructure upgrade, etc.).
  • We always provide our contact information (including phone number, email address, and buildinglocation).
  • We always tell you to contact the HelpDesk if you have any questions or concerns.

This format should be familiar to you. When this email was received after business hours last week, a very mature and responsible HelpDesk Student Technician understood how some faculty/staff might respond to it, given the specific use of keene.edu in the message. She made an urgent decision to send out a brief communication, and, while it did not include everything in our standard communication template, you recognized our message as legitimate, and the majority of you did not respond to the phishing attempt. Kudos to our student technician and kudos to you!

It is important to stay vigilant about phishing attempts both here on campus and at home. Learn to recognize the signs, and, above all, if they are asking for personal information, it is a phishing attempt!

For more information, please visit the IT Group Security website.

Contact Marketing & Communications

Sarah Kossayda
Director of Marketing
☎ 603-358-2119
Sarah.Kossayda@keene.edu

facebook icon Visit us on Facebook twitter icon Visit us on Twitter instagram icon Visit us on Instagram
Project Request