Information Technology Services

• Students
• Faculty
• Staff
• Services:
• A-C
• D-J
• K-Q
• R-S
• T-Z

• ANGEL
• Computer Labs
• eLion
• ITBytes
• Social Networking
• Studio 204

• ANGEL
• Multimedia Center
• Publishing Support
• Research Computing
• Teaching Support

• Administrative Systems
• Calendaring
• Computer Security
• Training
• Phones
• Workflow

• Accounts
• Alerts
• Administrative Systems
• Computer Security
• Computer Store

• Downloads
• E-mail
• Help Desk
• High Performance Computing
• Internet Access

• Network Services
• Passwords
• Phones
• Podcasts
• Printing
• Publishing Support

• Research Computing
• Software
• Spam control
• Spyware protection
• Storage space

• Training Services
• Virus Protection
• Web Publishing
• WebMail
• Wireless

ITS Alerts RSS

ITS Alerts by Date

ITS Alerts by Service

• Administrative Systems (AIS)
• ANGEL
• eLion
• E-mail (spam, phishing)
• E-mail Servers (email.psu.edu or mail.psu.edu)
• Library Services
• Network
• Phone service
• PASS File Server
• Tivoli Storage Manager (TSM)
• Web Services
• WebMail
• Miscellaneous

ITS Alerts by Location

• All locations
• University Park
• Abington
• Altoona
• Beaver
• Berks
• Delaware County
• Dickinson: The School of Law
• Dubois
• Erie: The Behrend College
• Fayette: The Eberly Campus
• Great Valley: School of Graduate Professional Studies
• Greater Allegheny
• Harrisburg
• Hazleton
• Hershey Medical Center and College of Medicine
• Lehigh Valley
• Mont Alto
• New Kensington
• Pennsylvania College of Technology
• Schuylkill
• Shenango
• Wilkes-Barre
• Worthington Scranton
• York
• Other locations

• Current Alert
• Resolved Alert
• Future Alert

Targeted password phishing continues

Last updated on March 21, 2008 at 4:42PM

Bogus E-mail messages claiming to be from Penn State IT offices continue to be sent on an almost daily basis from spammers overseas, and are likely to continue for the foreseeable future.

Users should be aware that Penn State's ITS staff will never ask for your password, either by E-mail or in person. Official correspondence from a Penn State office will include contact information such as a phone number, these fake messages do not. For more information visit the ITS Take Control website's Phishing Tips:
http://its.psu.edu/takecontrol/phishing.php

Penn State is not alone. Other universities have been experiencing the same "spear phishing" attacks since late 2007. The intent of this social engineering trick appears primarily to be to use universities' web mail systems to send spam with the newly acquired userID/password combination. Some schools report unauthorized access to library databases with the university user's credentials.

There is no need to report these phishing E-mail, as ITS staff have been receiving them as well. Please delete these messages.

For more information, please contact ITS Help Desk (helpdesk@psu.edu).

Back to ITS Alerts

Impact Information