Ithaca College

DIIS wants everyone to be wary of responding to or clicking links in messages that seem vague and are unsolicited.

The recent Google Docs incident is a good example.

DIIS regularly receives reports of email "phishing" scams which use various tactics to get recipients to provide personal information or inadvertently reveal their password. The fraudulent messages often claim that they have a document or some other information to share, or that an account will be disabled or deleted if the recipient doesn't respond.

Users should never respond directly (either by sending a reply to or clicking a link in) these types of email messages. Instead, verify the authenticity of the message by contacting the company cited in the email via a telephone number or website address known to be genuine (such as one shown on a billing statement). If the sender and content are unfamiliar, just delete the message.

Here are some message characteristics that should make the recipient suspicious of the legitimacy:

• Messages from non-Ithaca email addresses (if the message is related to any kind of IC account)
• Messages from someone you don't know
• Messages with no salutation or a generic salutation such as “Dear Account Owner”
• The use of all caps, spelling mistakes, or poor grammar
• Unsolicited messages with a vague subject or body that include links

In the event that you are tricked into responding, the best course of action is to immediately change your password for the account in question.

Digital Instruction and Information Services (DIIS)
Service Desk
servicedesk@ithaca.edu
104 Job Hall
607-274-1000