To report a suspicious email saying it's from the University of Hawaii and asking for confidential information:

FIRST: Check to see if the phishing attempt has already been reported by looking at the Security Alerts listing on http://www.hawaii.edu/its/

• If the suspicious email is claiming to be another organization, e.g., credit union, bank, etc., forward it to the abuse team of that company.  There is no need to forward other company's phishing scams to phishing@hawaii.edu
• forward a copy of the message with full mail headers to phishing@hawaii.edu
  [to get full mail headers, please see http://www.hawaii.edu/askus/895 ]

To prevent  compromises:

• NEVER send your password or other confidential personal information in an email message, even in reply to a message that appears 100% genuine. No responsible entity requests information this way.
• DO NOT REPLY to suspicious or spam mail. It just tells the spammers/hackers that they've hit a valid email address.
• if you receive a message asking you to "reactivate your account" or "get more email quota", DO NOT click on the weblink and enter your username and password
• make sure you're up-to-date with all operating systems (e.g. Windows) updates
• make sure you're up-to-date with any anti-virus and anti-spyware updates
• review document Securing your Desktop Computer
• don't save passwords to your email account on your system, it might take a few more seconds to login manually, but it might save you hours of time cleaning up after a compromise

 If you suspect that you are compromised...

• Please review our article: http://www.hawaii.edu/askus/892

• Contact ITS