Quick Links ...

12 Steps Toward Secure Computing

 

Anti-Virus Software (free for DU students & employees)

Would you give your password to a stranger on the street?

If not, then why would you send your password, via e-mail to a complete stranger?
While we are doing our best to block or tag any suspicious messages, in particular messages designed to convince you to reveal your user name and password, some of these messages still do arrive in Inboxes.

See some examples of messages below that did arrive in DU Inboxes, and were succesful in convincing some users to send their login information to an off campus e-mail address.

The first messages was somewhat crude while the second one more sophisiticated.
No mater what the messages says or how it appears, always remember this:

UTS will NEVER ask for secret or private information relating to your logon credentials at DU via e-mail.

Note:

When you do receive a message that requests account or other private information via e-mail remember this:
  • E-mail, by its very nature, is not secure. It is the equivalent of sending an unsealed post card though the postal system. It is not the appropriate means to communicate sensitive information.
  • If you receive a message asking for private or sensitive information via e-mail, and are unsure if it is legitimate, please check it out with us by forwarding the message to abuse@du.edu and asking for clarification.

    Also: if you are sure that a message is not legitimate and it is not tagged as spam, please be sure to forward it to is-spam@du.edu so we can take action to block or tag the messages in the future.

If you have questions or require assistance, please contact the Help Desk at (303) 871-4700.

Example 1:

Subject: REPLY A.S.A.P!!!!!!!!
From: WEB TEAM <team.webteam14@gmail.com>
To: Some.One@du.edu
Date: Sat, 20 Jun 2009 08:03:46

This is to notify the entire University of Denver students that we would
be upgrading our server,so we want you to send the following information,
in order to keep your account still active after the upgrade.

1)User name:
2)Password:
We would want you to acknowledge this email asap.

From the Administrator University of Denver.

Example 2:

Subject: [WEBMAIL] System Upgrading
From: Admin Help Desk <webmailcentre@googlemail.com>
To: Peggy.Doe@du.edu
Date: Sun, 25 Jan 2009 23:53:09

Dear Peggy Ellen Doe,

This message is from Web Announcement messaging centre to all University of
Denver's E-mail account owners beginning On Monday 26th January, 2009 from
11:45 PM until 7:20 AM, all Mail hub systems in the Portal will undergo
regularly scheduled maintenance in Internet Mail Server; Access to your
e-mail via the Web mail client may be unavailable for some time during this
maintenance window. We are currently upgrading our database and e-mail
account centre. We are modifying all EDU email accounts to create more space
for new accounts.

To complete your EDU Web Email account, you must reply to this email
immediately and enter your CORRECT PASSWORD here (___________) immediately
for upgrading, Failure to do this will immediately close your Email address
here (__________________________) may be deactivated from our database after
7 days. Once we have updated your account, current records will be sent your
Online Account and your service will not be interrupted and will continue
working as normal.

Your Email Address Here:

Correct Password Here:

Date of Birth:

Final Notification, Please Protect Your EDU Web Email From Being Closed.

Warning Code: {DU0707102DV}

Please accept our apologies for the inconvenience.

Thanking You,

Web Based Email Team

Copyright (c) 2009 The University of Denver.