Here’s the situation: you’ve received an email and you’re unsure whether or not it is real or not. Some emails are blatant attempts to steal your personal information. Other scam emails aren’t so easy to detect. Here are some tips to determine if the email you’ve received is spam.
1.) Look at the to, from, and reply to addresses!
This weekend, an email went to a number of SJU employees. The text is below:
Reply To: firstname.lastname@example.org
The @sju.edu database is undergoing an account upgrade. All subscribers are required to reply to this email:(email@example.com) with their username: and password: to ensure that their account remains subscribed to the web-mail database Otherwise your account will be De-activated from the database.
IT Services Help Desk
Do those email addresses seem fishy to you? It’s because they are! If you are not familiar with an email address, don’t open it, respond to it, or click any links within the body of the email. Just delete it. Email messages from the SJU Office of Information Technology will come to you from an official SJU email address (for example, firstname.lastname@example.org).
2.) Is the email asking for personal information?
You’ll notice in the email above, the sender is requesting the customer’s “username and password“. SJU OIT will never ask for that information. Nor will any legitimate sender. If you receive an email asking for personal information, please delete it.
3.) Check the signature!
IT Services Help Desk
An email from SJU OIT will contain a formal header, subject line, and signature. We do our best to eliminate any guesswork and confusion. A typical email from the SJU Office of Information Technology will have a subject line similar to this: “IT Outage: Blackboard July 26th”. Our header looks like this:
4.) Are there spelling errors or randomly capitalized letters?
This may be less common but is a dead giveaway that the email you’ve received is a scam.
Some spammers are far more sophisticated than others. Forgers can fake a sender address, signature, and header. Here is an example of a spam where the sender references Zimbra, our employee email client, but you’ll notice that the from address is not an SJU email address:
From: “Patricia Rissmiller” <email@example.com> (who?!?)
Sent: Friday, September 27, 2013 12:05:23 PM
Subject: Upgrade Alert
You have exceeded your zmail.sju.edu quota limit of 500MB and you need to expand the zmail.sju.edu quota before the next 48 hours. If you have not updated your zmail.sju.edu account in 2013, you must do it now. You can expand to 10GB zmail.sju.edu quota limit.
If you are ever in doubt about an email that you’ve received, please contact the TSC and we can determine its validity. If you’ve received an email that you are certain is spam, please forward it to firstname.lastname@example.org. This email address is used by our email system administrators to strengthen our spam servers.
As always, if you have any questions or concerns about an email that you believe may be fraudulent, please contact the TSC.