Columbia University Information Technology

Service Alerts

COLUMBIA PHISHING SPAM EMAILS

Service: 
Service Impact: 
Alert Date: 
05/13/2008 - 12:14pm to 05/13/2008 - 12:15pm
Main Content
Alert Message: 
Recently, Columbia University has been the target of a "phishing" attack. Identity theft scams are becoming more sophisticated -- Columbia affiliates have received messages instructing them to report their password (via email) or risk having their CubMail access disabled.

Columbia University and CUIT will never ask you for your password or any other private information (e.g. credit card number, social security number) in an email message. While our spam filters are very good, no system is perfect. You can help protect yourself against identity theft by following these suggestions:

* Never send your password or Social Security Number by email to ANYONE
* Banks and financial institutions will never ask for your account numbers, PIN or passwords by email
* Never enter your credit information into a non-secured web page (a secure web page starts with https:// [note the "S" for "secure"] and will display an image of a lock in the browser window edges)
* Don't fall for stories about winning the lottery, dealing involving the wiring of money or any promises of money from relatives you are unaware of


See security.columbia.edu for other security information. Or, use the 'Computer Security' link under 'Quick Links' on the Email & Computing page.

If a particular message claims to be from CUIT, confirm the authenticity of that message by going to www.columbia.edu, navigate to the Email & Computing page and examine the Service Alerts section.