Alert: Phishing scams hitting CCRI inboxes
CCRI employees may have noticed a recent increase in phishing attacks and e-mail accounts being compromised. The IT department at CCRI is taking several steps in response to these situations.
A phishing attack is a malicious e-mail impersonating some type of service provider. In this scenario, the e-mail sender asks you to follow a link and verify your e-mail address and password. The attacker will then use your account to relay spam messages to the general population on the Internet.
We also have seen situations where the attacker deletes messages from the victim’s mailbox. We have had several people in the last two weeks respond to these attacks and this has resulted in an interruption in mail flow. It has generated an influx of calls to the Help Desk making this a very costly ordeal as it has affected communication channels and productivity workflows for many areas within the college.
In response to the above, IT has set new controls for e-mail. These include mail quotas and policies relating to the flow of e-mail as well as best practices in e-mail management.
As always, we remind you that CCRI will NEVER ask you for your user name or password via e-mail. Any e-mail that asks for this information or contains links to external websites should always be suspect.
If you receive e-mail that you suspect to be a phishing attack, please forward the message to firstname.lastname@example.org, an address we have created to become more efficient in the reporting of and response to e-mail abuse.
Thank you for assistance and cooperation.