Spam, Spoofing and Phishing

Overview

Following are types of malicious communications attempts. Never reply to an email or submit your username and/or password in response to an email, IRT will never ask for your credentials via email.

Phishing:
Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by acting as a trustworthy source. Phishing is typically carried out by email, and it often directs users to enter details by replying to the message or at a fake website whose look and feel are almost identical to the legitimate one.

The IRT Tech Desk does keep track of new phishing attempts. If you receive a suspicious email and are unsure of its authenticity please check our alerts page. Please note that IRT will never ask you for your credentials via email. If you do not see the email on our alerts page please feel free to send it to the IRT Tech Desk. Also, note you should never reply with your credentials, or click on any links provided in suspicious emails.

Spam:
Spam is the use of email to send bulk messages; it often is commercial advertising for dubious products, get-rich-quick schemes, or quasi-legal services. Spammers gather email addresses in many ways. Just as with our mailboxes at home, we are subject to receiving junk mail electronically. The best course of action is to delete these emails when you receive them.

To significantly reduce spam only use your UST account for UST related business. Create an alternate account (e.g. Yahoo!, Gmail, Hotmail etc) for online purchases and registrations.

All UST accounts have spam filtering. UST uses a product called MailMarshal to filter spam. MailMarshal’s filters are updated weekly to try to get ahead of the latest spam tactics. The filters react to what’s out there so the amount of spam in your inbox will diminish and flow as the people who write the filter rules try to keep up with the people who write the spam messages.

IRT offers a higher level of spam filtering within MailMarshal, to those who request it. It is important to note that the higher level of filtering may result in legitimate emails being filtered. You will receive a daily email, which will allow you to review the messages stopped from reaching your inbox and release messages from legitimate senders. To request to be added to MailMarshal please contact the IRT Tech Desk.

Email Spoofing:
Email spoofing is the process of faking the ‘from’ address when sending an email so that the recipient thinks it came from somewhere else. Email spoofing may occur in different forms, but all have a similar result: a user receives email that appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).

As long as you have not provided your username or password to anyone then you need only delete the email. If you believe that you have given out your credentials and compromised your account please alert the Tech Desk  and immediately change your password at www.stthomas.edu/password. Please give the Tech Desk a call if you encounter further questions or have any concerns.