Skip to Content - Skip to Navigation

How to Submit a Spear Phishing Message to IT Support

 

Not What You’re Looking For?

or Browse by Categories

This Article’s Categories

Click any item to add it to your Browse by Categories list.

E-mail(142)

Student(451)

Faculty(733)

Staff(527)

You can help safeguard IUP’s e-mail environment against IUP e-mail username/password spear phishing attempts by submitting a spear phishing message to IT Support personnel.

Below are the steps on how to do this.

  1. Verify the message: The first step is to verify the message is an e-mail username/password phishing attempt targeting IUP users and not just normal spam or an Internet scam. E-mail messages that have titles like “Dear IUP E-mail subscriber,” “Confirm your IUP E-mail account,” “Your E-mail Account Upgrade,” or “Verify your School Webmail Account Details,” or that specfically ask you for your username and password in the body of the message, are those that should be reported. Here is an example of a username/password spear phishing message. Please DO NOT send copies of spam, Internet scams/frauds, and other non-username/password phishing.
  2. Forward the message as an ATTACHMENT: Forward all spear phishing messages as attachments. This gives IT Support personnel the information needed to block others from replying to the specific phishing attempts.
    • Windows Mail: Right-mouse-click on the original spear phishing message in the message list pane and select “Forward As Attachement.”
    • Microsoft Outlook: You will need to change your e-mail options to send messages as attachments. In the menu bar, select: Tools > Options, then in the preferences tab, select the “E-mail Options” button. Under “When forwarding a message,” select “Attach original message.”
    • Mozilla Thunderbird: Open the message you want to forward and select Message > Forward As > Attachment from the menu.
    • imail: imail forwards e-mails as attachments by default.
  3. Where to send the attached message: Send all attached spear phishing E-mails to abuse@iup.edu.
  4. What is done with the message: IT Support will verify the message is a username/password spear phishing message and block replies to the phisher’s e-mail address for the specific attack, and, in some cases, will also block the system that sent the message if the same system continues to attack us.

Last modified on 10/9/2012 8:44:13 AM
URL: http://www.iup.edu/itsupportcenter/howto.aspx?id=49705

  • Office Hours
  • Monday through Friday
  • 8:00 a.m.–4:30 p.m.
  • ihelp.iup.edu