Baylor > ITS > Security > BearAware > BearAware Bulletins/Alerts > March 2012 BearAware Security Alert

March 2012 BearAware Security Alert


Index Button

 

Members of the Baylor community continue to receive an increasing number of false and misleading email messages that attempt to gain access to university login credentials. Sadly, in the month of February over 35 Baylor email accounts were compromised by users giving away their username and password.

While we realize that we have sent "BearAware Alerts" in the past on this topic it appears that the message may not be clear to all in the Baylor user community. ITS attempts to proactively block these phishing messages, but this is a reactive process and users will receive some phishing email. These phishing emails are trying to acquire sensitive information electronically by pretending to be a trustworthy entity. Phishing attempts may ask for usernames, passwords, credit card information and other personally identifiable information.

Phishing scams are becoming more sophisticated and the messages people receive look very authentic. They may use official university logos and slogans such as those used by Baylor Athletics, ITS or other high profile university divisions. They may say they are sending you a "Security Alert." You should never provide sensitive information or login credentials in response to an email or via a website that is not baylor.edu (i.e., www.baylor.edu or bearweb.baylor.edu)

If you are in any way suspicious of an email you receive or feel that you may have provided your credentials in error, please contact the Help Desk (x4357) about the situation.

Tips to remember:

  • At no time will ITS, the Help Desk or any other Baylor entity ask for your username/password with an email, phone call, or during an in-person visit.
  • Be suspicious of links within email messages, particularly from unknown or dubious sources. (It is preferable to type the URL into your web browser.) Remember that you can hover the mouse over a link to see the URL behind it in order to see if it is what you expect to see.
  • If you recognize that you have provided your BearID and password in error, change your BearID password as soon as possible. On the ITS website, go to Security, then BearID Password Information. The box on the right has the link to the password change application.
  • Contact the Help Desk (x4357/HELP) in the event you receive an email about which you are unsure.
Thank you for your diligence.

ITS