Why Should You Report Security Incidents? And How Do You Report One?
Photo and Video Privacy Issues
The Password is Dead, Long Live the Password!
Data Privacy Month: NSA Surveillance Panel at the National Constitution Center
Protecting Your Finances During This Year’s Holiday Shopping Season
Beware of Phishing E-mails in the Wake of Typhoon Haiyan
No E-mail from Penn Will Ask For Your Username/Password or SSN
The Children's Online Privacy Protection Act: Does It Apply to Your Website?
October: National Cyber Security Awareness Month; Free Secure Disposal of Paper and Electronics
What Basic Rules Protect Student Information at Penn? (September 2013)
Protecting Privacy and Security on Penn + Box
Security Starts With You
New Regulatory Changes: Do They Apply to Your Area?
Protecting Yourself from Rogue AntiVirus Warning Scams
Security and Privacy Tips for World Travelers
Tuesday, December 21, 2010 - Almanac Vol. 57, No. 16
When sending an announcement via e-mail, it can be difficult to make sure recipients will recognize it as a legitimate communication from your office, and not as a forgery, scam, or phishing attempt. Here are some steps you can take to make sure recipients recognize your e-mail message as legitimate:
- Provide contact information (other than an e-mail address) that recipients can use to verify legitimacy, e.g., sender's name as it appears in the Online Directory and campus phone number.
- Don't send any sensitive information, e.g. passwords, in e-mail. Such information should be communicated using other, more secure channels.
- Include only Penn (upenn.edu) e-mail addresses and web sites in the e-mail.
- Whenever possible, avoid sending a website link at all, particularly if you need the recipient to go to the site to log in or provide personal information. Instead, recommend that they visit your site X (by using a bookmark or your known website address) and click on the link for Y.
For more information, contact ISC Information Security (firstname.lastname@example.org). For technical assistance, contact your Local Support Provider.