'Phishing' on the rise: keep personal information private
"Your password will expire in 4 days."
"Re-activate your account."
"Email verification - update your email."
"New parcels(s) Sender: DHL Support."
These are just a few of the 'phishing' emails that made their way to email inboxes on campus in the last several months. Each has a built-in ploy to get us to click on links, open attachments, or disclose personal or account information that could give scammers access to our accounts, credit or identity, or enable them to compromise our computers.
Even with campus filtering and spam blockers in place working to filter out suspicious emails every second of every day, some spurious emails unavoidably get through. Be mindful of these and if you receive email asking for personal information (like your social security number, birth date, user accounts, or passwords) that claims to be from OIT or another University office, know it's not us. No University department, or reputable organization for that matter, would ever ask for your personal information by email.
If you receive an email that seems suspicious, don't respond with personal information or click on links or attachments. Instead, visit The Phish Bowl and scan the list of recent phishing alerts. If the email is posted, there's no need to report it. Simply delete the email and you're done. If the suspicious email is not posted to The Phish Bowl, delete any attachments and report it by forwarding to firstname.lastname@example.org. You can also follow @PUOITSOC on Twitter for alerts on phishing attempts that have been reported on campus. You can also contact the OIT Help Desk 24/7 at 8-HELP or email@example.com for assistance, or to report an email.
If you believe you may have unintentionally compromised your University account, it’s important to change your password as soon as possible at www.princeton.edu/changepassword.