Lately, ITS has received multiple reports of fraudulent emails, most recently citing inboxes that are over quota. These suspicious, or “phishing,” scams are attempting to access your personal data, or lead you to malicious websites.
To protect yourself and the college against these attempts, please remember the following tips:
Tips to protect your identity online
1. Never disclose personal or confidential information. Any email that appears to be an urgent message, but asks for your CWID, password, credit card number, or other confidential information is a major red flag. ITS will never ask for your password in email, nor request that you click on a link to fill out account information online. We do not terminate IT services if you withhold this type of information.
2. Check the email address of the sender. Any messages that come from email addresses you don’t know should be treated with suspicion.
3. Be wary of suspicious links. Always examine links carefully. When it doubt, you can hover your cursor over a link to see the actual site where a link leads.
4. Look for excessive errors. Spam messages are typically poorly written and contain multiple misspellings and grammatical errors. These messages should be reported to the Service Desk.
5. Protect your devices. Keep your data safe with laptop encryption and MobileIron for your mobile devices. ITS technicians install these services at the SMARTDesk in the Wood Library. Visit the SMARTDesk for more information.
What should I do if I’ve received a suspicious email?
Please forward the email as an attachment to spam@med.cornell.edu and it will be added to a list of messages to be blocked. Instructions for forwarding spam as an attachment are available in our Knowledge Base.
What should I do if I’ve already clicked a link in a suspicious email?
Close your browser immediately. Do not open any files if you downloaded them from the link. Report the message and the incident to the Service Desk right away. If you attempted to log into a site that you thought was authentic and it looks suspicious, you should immediately change your account password at identity.weill.cornell.edu if you are on the campus network, or call the Service Desk for assistance.
Questions? Feedback?
Visit our Internet Safety and Fraud Protection page for more information.