University of Southern California

Is That Email Really from ITS?

Posted on by mbordas

Phishing involves tricking unsuspecting users into revealing personal information, such as login names, passwords, or credit card numbers, usually by sending fraudulent email messages that appear to come from legitimate sources.  If you receive an email asking you to confirm or change your USC password, take a moment to make sure that it is from ITS and not a phish.

 

1. ITS will never send account-related email from any domain other than @usc.edu.  Look at the From: field of any email referencing your user name or password to see who allegedly sent it.  If the message is not sent from @usc.edu, it is not from ITS.  The header information below is from a recent phish.  Although the display name in the From: field reads Usc.edu, you can see that the message was sent from a Gmail account.

From:  Usc.edu” <batelco.com.bh00@gmail.com>

Date:  February 1, 2013 1:50:20 PM PST

To:  undisclosed-recipients: ;

Bcc: phished-user@usc.edu

Some phishers are able to forge, or spoof, the From: field, so do not immediately trust an email simply because it meets this criteria, especially if it fails the second test below.

 

2.  ITS will never ask for personal information, such as login names or passwords, via email.  Do not reply to or click links in any email that solicits this information.  Below is the body of the email sent to phished-user@usc.edu.

We are presently UPGRADING our Usc.edu Server, this maintenance might close your Usc.edu account completely. To protect your Email Account from being closed, forward your information to the Technical Support Team:

User Name:

Password:

Confirm Password:

Usc.edu

Technical Support

Copyright ©2013, Usc.edu

Note that USC policy requires that you change your password every six months, and ITS will send reminder emails during the month before your password expires.  These reminder emails will neither include clickable links nor ask that you supply any account information; rather, they will direct you to change your password on the main ITS website.

If you need to change your USC password, change it only on the ITS website.  Either go to the ITS homepage by typing www.usc.edu/its into your browser and clicking on the Change USC Password icon OR go directly to the password change site at https://mypassword.usc.edu.

 

For more information about phishing, see http://www.usc.edu/its/security/phishing.html. If you are unsure of the validity of an email, forward it (along with as much header information as possible) to security@usc.edu.

Comments are closed.