Tuesday, December 21, 2010 - Almanac Vol. 57, No. 16
When sending an announcement via e-mail, it can be difficult to make sure recipients will recognize it as a legitimate communication from your office, and not as a forgery, scam, or phishing attempt. Here are some steps you can take to make sure recipients recognize your e-mail message as legitimate:
- Provide contact information (other than an e-mail address) that recipients can use to verify legitimacy, e.g., sender's name as it appears in the Online Directory and campus phone number.
- Don't send any sensitive information, e.g. passwords, in e-mail. Such information should be communicated using other, more secure channels.
- Include only Penn (upenn.edu) e-mail addresses and web sites in the e-mail.
- Whenever possible, avoid sending a website link at all, particularly if you need the recipient to go to the site to log in or provide personal information. Instead, recommend that they visit your site X (by using a bookmark or your known website address) and click on the link for Y.
For more information, contact ISC Information Security (firstname.lastname@example.org). For technical assistance, contact your Local Support Provider.