Beware of Phishing E-mails in the Wake of Typhoon Haiyan
No E-mail from Penn Will Ask For Your Username/Password or SSN
The Children's Online Privacy Protection Act: Does It Apply to Your Website?
October: National Cyber Security Awareness Month; Free Secure Disposal of Paper and Electronics
What Basic Rules Protect Student Information at Penn? (September 2013)
Protecting Privacy and Security on Penn + Box
Security Starts With You
New Regulatory Changes: Do They Apply to Your Area?
Protecting Yourself from Rogue AntiVirus Warning Scams
Security and Privacy Tips for World Travelers
Handling Documents and Data of Faculty and Staff Who Have Left Penn
Spring Cleaning Your Office? Know What to Do with E-Waste
Keep Your Identity Safe When Filing Taxes This Year
Why use Penn+Box when Storing Data in the Cloud
Mobile Device Security - 3 Recommendations for Cloud Users (Hint: That's You!)
Tuesday, December 21, 2010 - Almanac Vol. 57, No. 16
When sending an announcement via e-mail, it can be difficult to make sure recipients will recognize it as a legitimate communication from your office, and not as a forgery, scam, or phishing attempt. Here are some steps you can take to make sure recipients recognize your e-mail message as legitimate:
- Provide contact information (other than an e-mail address) that recipients can use to verify legitimacy, e.g., sender's name as it appears in the Online Directory and campus phone number.
- Don't send any sensitive information, e.g. passwords, in e-mail. Such information should be communicated using other, more secure channels.
- Include only Penn (upenn.edu) e-mail addresses and web sites in the e-mail.
- Whenever possible, avoid sending a website link at all, particularly if you need the recipient to go to the site to log in or provide personal information. Instead, recommend that they visit your site X (by using a bookmark or your known website address) and click on the link for Y.
For more information, contact ISC Information Security (firstname.lastname@example.org). For technical assistance, contact your Local Support Provider.