To report a suspicious email saying it's from the University of Hawaii and asking for confidential information:
FIRST: Check to see if the phishing attempt has already been reported by looking at the Security Alerts listing on http://www.hawaii.edu/its/
- If the suspicious email is claiming to be another organization, e.g., credit union, bank, etc., forward it to the abuse team of that company. There is no need to forward other company's phishing scams to firstname.lastname@example.org
- forward a copy of the message with full mail headers displayed to email@example.com
To display the full email header in Google@UH Gmail (webmail):
- Log in to Gmail using a web browser.
- Open the message you'd like to view headers for.
- Click the down arrow (says More) next to Reply, at the top of the message pane.
- Select Show Original.
The full email headers will appear in a new window. Copy and paste full email header into the forwarded message.
[to get full mail headers for other email clients, please see http://www.hawaii.edu/askus/895 ]
If you would like to receive phishing notices by email, go to http://www.hawaii.edu/its/notices/index.php and subscribe to our phishing-alert email list.
To prevent compromises:
- NEVER send your password or other confidential personal information in an email message, even in reply to a message that appears 100% genuine. No responsible entity requests information this way.
DO NOT REPLY to suspicious or spam mail. It just tells the spammers/hackers that they've hit a valid email address.
if you receive a message asking you to "reactivate your account", "validate your account", or "get more email quota", DO NOT click on the weblink and enter your username and password
make sure you're up-to-date with all operating systems (e.g. Windows) updates
make sure you're up-to-date with any anti-virus and anti-spyware updates
don't save passwords to your email account on your system, it might take a few more seconds to login manually, but it might save you hours of time cleaning up after a compromise
If you suspect that you are compromised...
This article is part of the Spam at the University of Hawaii