Phishing: Another Reminder – NEVER Give Away Your EMU Password!

& Faculty/Staff, General, Phishing, Security, Students.

With several EMU email accounts having recently been compromised because the EMU mailbox owners were tricked into giving away their passwords, I feel I need to, again, remind the campus community that you should never, never, never give away your EMU password.  Did I mention NEVER?

Email messages are being sent to @emu.edu email addresses nearly every day with very clever messages that attempt to trick employees and students into thinking they need to reply or click on a link to go to a web page and provide their username and password.  Our systems block many of these but some inevitably get through our filters.

These are called “phishing” email messages which attempt to have you disclose your EMU email password.  The “phishers” want your username and password so that they can access your email account, not necessarily because they want info about you – although that could be the case in some rare circumstances.  Most likely it is because they want access to an email account from which to send spam – and when that happens to an EMU email account we are ALL put at risk of not being able to send email – because the big email processors (Google, Microsoft, Verizon, AOL, Yahoo) will quickly “blacklist” email servers that they see sending spam.  And the process of getting removed from a spam server blacklist is very difficult.

You can absolutely count on the following to be true:

  1. Information Systems will NEVER ask for your password.
  2. Information Systems will NEVER send you an email telling you that there is a problem with your account.
  3. Information Systems will NEVER send you a link** to a page where you need to re-enter your username and password to “reset” your account.

Please – “just hit delete” whenever you see an email message telling you that something is wrong with your EMU account and you need to “do something” to fix it.  First, our systems would not have these kinds of problems and, second, if there is ever some kind of problem with your account we will NOT use email to communicate with you to resolve it.

I am baffled as to why users continue to be tricked by these messages.  Could it be that we are all drowning in email and we “just want to get through them” and which causes us to zone out and we don’t really stop to think about what we are doing when one of these trickery messages appear?

Slow Down!  Think!  Hit Delete!

Don’t fall for the clever come-on by the phisher!  Everyone is counting on you to “do the right thing” – JUST HIT DELETE!

** We may send you a reminder that your account password will expire in “X” number of days but our instructions will always be to go to MyEMU (my.emu.edu) and then click on the “Royal Password” link on the left column and follow the directions to change your password.