PLU Cyber Safety Notices

Below are some of the email notices about cyber safety sent to the PLU community by Information & Technology Services.

History of Campus-Wide Notices

Email sent to students February 4, 2009:

From: Information & Technology Services <comptelc@plu.edu>
Subject: Email Phishing Scam Alert!

From time to time you are likely to receive email messages asking for your PLU email account password. These messages claim to have been sent from a PLU tech support address, but they are in fact fraudulent attempts (often called phishing scams) to obtain your login information.

PLU will NEVER ask you to reveal your password or other such personal information via email!

Here’s an example of a phishing scam that has been circulating lately:

Subject: Up Grade Your E-mail Account
From: Pacific Lutheran University Webmail Support <webmaster@plu.edu>
Reply-To: customer.account.users09@gmail.com (This return address
appears if you hit the reply button.)
Date: February 3, 2009

This message was NOT sent out by PLU. Ways you can determine this is not legitimate include multiple misspellings, poor grammar or punctuation, the simple fact of asking for a password or other highly personal information, and/or inclusion of the message on a list of phishing examples we compile at

https://www.plu.edu/helpdesk/support/antivirus-cybersafety/phishing-scams/

When we become aware of a new phishing scam targeting our campus, the subject, sender, and date will be published on this web page. We have been recording this information since July of last year.

If you receive emails like this in the future, you can delete them with confidence. And never hesitate to send an email to comptelc@plu.edu to ask about the authenticity of such a message.

If you did reply to one of these phishing emails with your username and password, please change your password immediately. This will prevent your account from being used as a source of spam.

We appreciate your diligence!

Regards,

Margaret Crayton, Director/I&TS User Support
Chris Ferguson, Associate Provost/I&TS

Email sent on September 8, 2008:

You may have received e-mail messages in the last few days, asking for your PLU e-mail password, that claim to have been sent from a PLU tech support address.  A recent example:

Subject: WARNNING: VERIFY YOUR EMAIL ACCOUNT
From:    “comptelc@plu.edu.” <aggib@gibtelecom.net>
Date:    Sat, September 6, 2008 2:02 pm

These were NOT sent out by PLU Information & Technology Services. It is a rather clever phishing scam that has been around for several months and has targeted many universities. If you do reply with your password, the spammers use it to log into the PLU Webmail system and send out spam e-mails from your account. We have had this happen multiple times in recent days.

We will NEVER ask you to reveal your password or other such personal information via e-mail. If you receive such e-mails in the future, just delete them with confidence. And never hesitate to send an e-mail to comptelc@plu.edu to ask about the authenticity of such a message. You can also visit the following website for up-to-date information on avoiding being stung by spam and phishing scams:

https://www.plu.edu/helpdesk/support/antivirus-cybersafety/cyber-safety/

If you did reply to one of these phishing e-mails with your username and password, please change your password immediately. This will prevent your account from being used as a source of spam.

Thank you for your help!

Email sent on August 25, 2008:

Subject: PLU NOTICE: Spam E-mails Pretending to be from PLU Tech Support
Date: 8/26/2008
To: The PLU Community

You may have received e-mail messages in the last few days, asking for your PLU e-mail password, that claim to have been sent from a PLU tech support address. Recent examples are:

    PLU SUPPORT TEAM 
<help-desk@plu.edu>

    The PLU Email Support Team 
<tech-Support-account@xxxxxxx.net>

    SUPPORT TERM WEBMAIL.PLU.EDU 
<webmail.plu.edu@dataworld.com.ph>

These were NOT sent out by PLU Information & Technology Services. It is a rather clever phishing scam that has been around for several months and has targeted many universities. If you do reply with your password, the spammers use it to log into the PLU Webmail system and send out spam e-mails from your account. We have had this happen multiple times in recent days.

We will NEVER ask you to reveal your password or other such personal information via e-mail. If you receive such e-mails in the future, just delete them with confidence. And never hesitate to send an e-mail to comptelc@plu.edu to ask about the authenticity of such a message. You can also visit the following website for up-to-date information on avoiding being stung by spam and phishing scams:

https://www.plu.edu/helpdesk/support/antivirus-cybersafety/cyber-safety/

If you did reply to one of these phishing e-mails with your username and password, please change your password immediately. This will prevent your account from being used as a source of spam.

Thank you for your help!

Email sent on June 19, 2008:

Subject:  PLU NOTICE: Alert about fraudulent emails
From: Information & Technology Services <comptelc@plu.edu>
Date: Thu, 19 Jun 2008
To:  The PLU Community

Never respond to “official” looking email asking for personal information, no matter who it appears to come from or how official it looks.  PLU will NEVER ask you to reveal your password or other such personal information via e-mail.

We are experiencing yet another wave of spam to PLU account holders, asking for us to verify their accounts.  DO NOT respond to this request as your login information may be captured by the sender and your account used to distribute still more spam.

You may have received e-mail messages recently that claim to have been sent from a PLU tech support address such as “tech-support@plu.edu” or with subject lines such as “update your PLU.EDU email now”, asking for your PLU e-mail password.  These were NOT sent out by PLU Information & Technology Services.  It is a rather clever phishing scam that has been around for several months and has targeted many universities.  If you do reply with your password, the spammers use it to log into the PLU Webmail system and send out spam e-mails from your account.  We have had this happen once in the recent past resulting in over 40,000 messages sent in two hours.

We will NEVER ask you to reveal your password or other such personal information via e-mail. If you receive such e-mails in the future, just delete them with confidence.  And never hesitate to send an e-mail to comptelc@plu.edu and ask about the veracity of such a message. You can also visit the following website for up-to-date information on avoiding being stung by spam and phishing scams:

https://www.plu.edu/helpdesk/support/antivirus-cybersafety/cyber-safety/

If you did reply to one of these phishing e-mails with your username and password, please change your password immediately. This will prevent your account from being used as a source of spam.

Thank you for your help!

PLU Information & Technology Services