|One Step Ahead
September 2, 2008, Volume 55, No. 2
Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.
No E-mail from Penn Will Ask For Your Username/Password
Fraud Artists Working Now to Convince You Otherwise
In recent weeks, we have witnessed an increasingly sophisticated set of e-mail messages that look very similar to legitimate messages from some Penn programs. The key difference is that the fraudulent e-mails ask you for your username, password and other information.
Make no mistake—Penn as a University, and Schools and Centers at Penn, will never ask you for your username and password via e-mail.
A list of fraudulent phishing e-mails seen at Penn is available at www.upenn.edu/computing/security/phish.
If you have any doubt about whether an e-mail request is legitimate, do not respond to the e-mail—instead contact your Local Support Provider.
To receive weekly OneStepAhead tips via email, send email to firstname.lastname@example.org with the following text in the body of the message: sub one-step-ahead <your name>.
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/.