Over the Labor Day weekend, the campus has been targeted by malicious phishing e-mails that appear to be attempts to gain user information by sending an email stating:
" Your Mailbox Has Exceeded The Storage Limit Set By The Administrator please CLICK HERE and fill in the bellow informatons [note incorrect spelling] To enable us to Re-validate Your E-mail Account. Note: Account owner who refuse to Re-validate His/Her account will loose [note incorrect spelling] account within 24 hours. System Administrator."
Individuals who received this e-mail should simply delete the message and know that OIT will never request account information via e-mail.
If you or someone in your department responded to this phishing attempt and entered user information, that person should contact the IT Service Center at 303-735-4357 (5-HELP from a campus phone). New phone hours: Monday - Thursday 7:00 a.m. - 10:00 p.m. Friday 7:00 a.m. - 7:00 p.m. Saturday & Sunday 12:00 noon - 6:00 p.m. Closed on University holidays.
Please note that the university will never send e-mail asking for your private data (e.g. passwords, SSNs, credit card numbers, etc.) and you should be suspicious of messages that direct you to provide this information. It is also a good practice to never click on a link in an e-mail but rather open a web browser and type in the website address or look up the website using a search engine.
You can learn how to report these suspicious messages and see a listing of reported phishing e-mails at http://oit.colorado.edu/it-security/email-phishing. To learn more about phishing attempts and how to not fall prey to them, visit the Office of Information Technology’s Security Awareness website at http://oit.colorado.edu/it-security/security-awareness/phishing. For identity theft help and resources, visit http://oit.colorado.edu/it-security/security-awareness/privacy-identity-.....
Although the university uses technology to block malicious emails and phishing websites, this technology is no substitute for being a conscientious Internet user. If you ever have questions about the legitimacy of a message, you are welcome to contact the IT Service Center.