That email that sounds too good to be true almost certainly is
Purdue is regularly targeted by scam “phishing” emails, like the "cool cash" series offering big money for small jobs. Some of these messages can look quite legitimate, in part because they're sent from compromised Purdue accounts commandeered by scammers.
To avoid being the next one to have your account compromised, keep these three tips from ITaP’s security staff in mind when you check your inbox:
- Providing personal information (passwords, Social Security numbers, account numbers, and so on) through email or by phone in response to an unsolicited request is always a bad idea. Purdue will not ask for your credentials by email. If you receive an email requesting private information, report it to email@example.com.
- Emails containing clickable web links should always be questioned, even if they look like official Purdue email on the surface. Best bet: don’t click email links. If you do, don't enter your password or other information at a website unless you are certain it is a valid site. If you are not sure, email firstname.lastname@example.org and ask.
- Never open any attachment sent with an email if you do not know the sender and, even if you do know the sender, are not expecting the attachment from them. If you're unsure, check directly with the person. If they report that they did not send the message, report it to email@example.com.
While some phishing emails look legitimate, there are often telltale signs that a message is a scam. Grammar and spelling mistakes are red flags. So are calls for immediate action, including instructions to visit a website and sign in with your Purdue credentials or to open an attachment.
Visit the Secure Purdue website for more information on staying safe online and keeping your personal data and Purdue's data secure.
Remember: October is National Cybersecurity Awareness Month!
Last updated: October 8, 2019
- How Purdue's spam filtering works
- Know your BoilerKey, features to help prevent, solve lockouts
- Scammers gonna scam: What you can do to prevent falling for phishing attacks during COVID-19
- Instructors should save student data from Blackboard, as campus transitions to Brightspace
- Faculty member’s advice for Brightspace: Get started now (it'll be worth your time)
- New online proctoring tool offered for summer session