Ohio University is open; a transformer failure has temporarily closed the West Union Street Office Center.

OIT Tech Support can still be reached by calling 3-1222. More Information
 
OIT Tech 32px
How to fix "Unrecognized course" Blackboard error in Campus Pack tools
Securing the cyber generation gap
Site licensing for Adobe, Microsoft and Smartsheet
May 2015 Blackboard upgrade completed
Top 30 targets for hackers: Are you on the list?
Blackboard upgrade: SafeAssign and Calendar improvements
How to fix iOS WiFi issues: Forget and re-add the OHIO network
Blackboard upgrade: Student Preview mode
Down time for Blackboard upgrade to be shorter than expected
Recordings of CIO candidate open forums
deco-circuit-banner

Email scams on the rise: What you can do

Thursday, April 17, 2014
Sean O'Malley  

University employees should be on the lookout for fraudulent emails that ask them to provide their OHIO ID and password, log into a secure site, or confirm their personal or account information.

"The Internet security community is reporting an increase in attacks aimed at university employees, with the goal of modifying their paycheck direct deposit settings," said security analyst Ed Carter. According to Carter, the messages used in these "spear phishing" attacks are carefully designed to include phrases, web sites, and links that are specific to the school being targeted.

Many of these scams can look quite convincing, but Carter says one simple rule can keep you from having your credentials - and possibly your paycheck - stolen.

Don't send, don't click

If you receive an unsolicited email asking you to do any of the following, don't do it:

  • send someone your OHIO ID and password
  • click on a link
  • open an attachment
  • provide sensitive information like your Social Security number

Legitimate requests

If OIT needs you to log into a web page, that page will not be clickable inside the message. Instead, we will include instructions on how to reach that link from the OHIO front door. For example, in a recent message to users who might have been affected by the Heartbleed security bug, we included the following instructions:

To change your password, look for a link on any of these OHIO web pages:

  • Students page
  • Employees page
  • Information Technology home page

None of those bulleted items was clickable - by design. The recipient had to open a web browser, type in "www.ohio.edu" and then navigate to one of the named pages.


Related Links

University of Michigan warns against email scams as some direct deposit accounts are compromised 
Internet scammers change some BU direct deposit accounts
Watch out for email scams