1. Saint Mary's College will never ask for your password over e-mail.

    2. You should not reply in any way to e-mail messages that request information such as your password, your birth date, your credit card and bank account numbers, your Social Security number, or any other sensitive information. No legitimate institution (including colleges and banks) will ask for these details over e-mail. If you receive an e-mail directing you to a phone number or website to provide this information, do not use the contact information or links provided in the message. Instead, contact the institution using their officially published phone number or website and ask for instructions.

    3. Saint Mary's Information Technology will not send e-mail to students, faculty, or staff regarding their network accounts without providing detailed contact information in a signature that you can confirm via the Saint Mary's Online Phonebook. (http://eureka.saintmarys.edu/phonebook/)

    4. To change your Saint Mary's password, please visit http://www.saintmarys.edu/account. If you have responded to a phishing scam, change your password immediately.

    5. While Saint Mary's College attempts to block fraudulent messages before they reach your e-mail inboxes, the scammers are usually one step ahead of the e-mail filters. If you receive a phishing e-mail, simply delete the message.

    6. The SonicWALL Phishing and Spam IQ Quiz tests how well you can identify a legitimate e-mail from a phishing scam. http://www.sonicwall.com/phishing/

    7. When Saint Mary's Information Technology discovers that an e-mail account has been compromised (usually as a result of a phishing scam), we will lock the account to prevent further access. While this stops the person with your account from doing further damage (including deleting messages in your account, reading any messages in the account to cull personal information, changing the account settings, and sending excessive amounts of phishing and spam messages), it will also prevent the owner of the account from accessing their e-mail. If you suspect that Information Technology has locked your account, please contact ResNet (students) or the Helpdesk (faculty and staff) for information on setting up an appointment to have your account restored to your control. Appointments should be expected to last an hour, and you will need to bring givernment-issued identification with you. (Appointments are required for addressing compromised accounts, walk-in requests for assistance cannot be accommodated.)

    8. If an account is compromised and phishing and spam messages are sent, Internet Service Providers (ISPs) or e-mail hosting services may decide to block all messages from the domain the messages are from (saintmarys.edu) to protect their customers. Hotmail, MSN, Live, AOL, AT&T, and SBCGlobal have repeatedly blocked/blacklisted saintmarys.edu after one of our accounts has been compromised, preventing any messages with a saintmarys.edu address from going through to the intended recipients. Information Technology works with the ISPs to remove our domain (saintmarys.edu) from blacklists when this occurs.

    9. Saint Mary's College has multiple students, faculty, and staff reply to phishing scams with their personal information annually. Information Technology cannot stress enough that we will never ask for your password or other personal information over e-mail.

    10. Examples of recent phishing scam subject lines:

      • Hello saintmarys.edu User
      • Email Alert
      • RECONFIRM YOUR WEBMAIL ACCOUNT
      • Dear Webmail/E-mail User
      • Account Upgrade/Maintenance
      • Mailbox Upgrade
      • Security Alert
      • Saint Mary's College Webmail Login Service Online Customer Support Update 2010
      • Attention Email Account holder
      • Dear Staff/Student
      • UPDATE YOUR WEBMAIL QUOTA NOW!!!
      • Quarantine Summary Digest
      • Dear Webmail User
      • ACCOUNT MAINTENANCE & UPGRADE!!
      • Mailbox Update
      • Weekly Email Maintenance!!
      • Maintenance Update!!
      • Mailbox has Exceeded Storage Limit
      • YOUR EDU. ACCOUNT CONFIRMATION. ! ! !
      • Confirm your Saintmarys.Edu Email Account Now!
      • EMAIL ACCOUNT MAINTENANCE
      • Alert: Mail Quota
      • Verify Your E-mail Account
      • FINAL VERIFICATION OF YOUR EMAIL ACCOUNT
      • Account Confirmation {Account Expires in 4 days}
      • Confirm Your Account Details
      • E-mail Account Maintenance
      • TOP URGENT!!! (Please Verify Your Account Immediately)
      • Verify Your E-mail Account/Block Spam
      • Your Account
      • Alert: Mail Quota
      • Confirm Email Account
      • Verify Your E-mail Account
      • UPDATE YOUR WEBMAIL ACCOUNT DETAILS !!!

    11. Examples of recent signatures or "from" names for phishing scams:

      • saintmarys.edu Webmaster Service
      • Webmail Help Desk Support
      • ITS Help Desk
      • WEBMAIL SERVICE CENTER
      • 2010 Account Upgrade
      • Web Support Team
      • Saint Mary's College Webmail Login Service Online Customer Support Update 2010
      • Help Desk Team
      • Helpdesk Team
      • IT Help Desk
      • saintmarys.edu ACCOUNT SUPPORT TEAM
      • McAfee Secure Internet Gateway
      • Edu Account Upgrade Team
      • EDU ACCOUNT UPGRADE TEAM
      • Leboyd Nichole, Webmail Administrator.
      • Webmail Support Team
      • Webmail Helpdesk
      • Technical Support Team
      • WEBMASTER SUPPORT TEAM.
      • Webmail Help Desk.
      • Mail Administrator
      • IT Service
      • Support Team
      • Saintmarys.edu Web Team
      • Saintmarys.edu Support Team

    12. For more information, please visit:

Last Modified July 27, 2011