[Important Information for Employees] Be on the lookout for email phishing scams!

[Information Technology Services CIO Office]

Campus Community:

Like clockwork, the beginning of the semester always seems to bring an
increase in phishing scams
<https://www.ftc.gov/news-events/topics/identity-theft/phishing-scams> hitting
campus email accounts. This year is no different.

In the past week, our campus has been hit with a significant uptick in
these targeted scams. Many are emails that appear to come from another
campus colleague, external vendor, or student from whom you typically
receive emails.

*It's important to remember that the FROM address is easy to manipulate on
an email. *If you receive an email that looks suspicious, review it
carefully before proceeding.

*How can I tell whether a message is fraudulent?*

   1. *Hover over links to view the actual URL they reference. *Note
   the discrepancy between the text language and the link. If the link goes to
   an outside address instead of a legitimate SUNY Plattsburgh address, it's
   a scam.
   2. *Identify that the "from" email address matches the display name.* The
   "from" address may look legitimate at first glance, but a closer look at
   the email headers may reveal that the email address associated with the
   display name is actually coming from someone else. Off-campus messages are
   marked as EXTERNAL. *If an email comes from an address that isn’t
   affiliated with the apparent sender, it’s almost certainly a scam *(though
   there can be exceptions to this situation).
   3. *It came from an @plattsburgh.edu <http://plattsburgh.edu/> address
   but still looks like a scam. *If after inspection you believe that it
   came from an @plattsburgh.edu email address and you still have concerns,
   please forward those messages to helpdesk at plattsburgh.edu. It may be
   that the sending account is compromised and we need to take action.

*General Guidelines*
Phishing scams typically take the form of targeted email or text messages
designed to get victims to engage and establish a rapport. The *fake *
*messages **are always changing*, so be aware of basic safety practices
when encountering suspicious messages.

The goal of the criminal is to steal data, money, or both. Never part with
any of these valuables.

If you receive a suspicious message, follow these steps:

   1. *Do not reply*.
   2. *Mark the message as Spam.*
   3. *If you have replied *or are unsure about what to do, contact the ITS
   Helpdesk
   <https://www.plattsburgh.edu/academics/resources/technology/csds/helpdesk/index.html>
without
   delay.

As always, should you have any questions about phishing scams or any other
cyber-security issue, please feel free to contact the Helpdesk
<https://www.plattsburgh.edu/academics/resources/technology/csds/helpdesk/index.html>.
You will also find helpful information on our Information Security web page
<https://www.plattsburgh.edu/academics/resources/technology/infosec/index.html>
.

Thanks for helping to keep the campus community cyber-safe.

-- 

*TJ Myers*

Director & Chief Information Officer

Information Technology Services

215 Feinberg

101 Broad Street
<https://maps.google.com/?q=101+Broad+Street+Plattsburgh,+NY+12901&entry=gmail&source=g>

Plattsburgh, NY 12901
<https://maps.google.com/?q=101+Broad+Street+Plattsburgh,+NY+12901&entry=gmail&source=g>

(o) 518-564- <(518)%20564-2449>5180

(f) 518-564-3817

*plattsburgh.edu <http://plattsburgh.edu/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ls.plattsburgh.edu/pipermail/critical-employees/attachments/20230824/7aceb8f6/attachment.htm>