Phishing Scam Alert

[image of fishing hook]

NEVER DISCLOSE YOUR EMAIL PASSWORD.

"Phishing" attacks have targeted Penn and several other universities. In these attacks, faculty, staff and students receive a fraudulent email message and are asked to reply with their email username and password. Do not reply.

The subject line and content of these messages come in various forms. They often appear to come from SAS Computing or other legitimate support providers and can look very authentic. You can see examples of recent fraudulent messages at http://www.upenn.edu/computing/security/phish/

We want to remind you that you should NEVER disclose your password to anyone, including those presenting themselves as support providers or school officials. SAS Computing or other legitimate system administrators will never ask for your password.

If you get any message that ask you for your password, please do NOT reply or forward the message - just delete it.

If you think you already may have been deceived into disclosing your password, please fill out our help form and we will investigate (and of course you should NOT include your password in your help request).

Detailed information about email security is available from http://www.upenn.edu/computing/security

Advice about how to avoid phishing scams is available at http://www.antiphishing.org/consumer_recs.html

Check Penn's Phishing Email Archive to see whether a suspicious email has been identified as fraudulent: http://www.upenn.edu/computing/security/phish/

Thank you for your help in maintaining a secure computing environment at Penn.

 

SAS Email Support Team