1. Saint Mary's College will never ask for your password over e-mail.
    2. Saint Mary's College will never ask for your password via a Google Form.
    3. You should not reply in any way to e-mail messages that request information such as your password, your birth date, your credit card and bank account numbers, your Social Security number, or any other sensitive information. No legitimate institution (including colleges and banks) will ask for these details over e-mail. If you receive an e-mail directing you to a phone number or website to provide this information, do not use the contact information or links provided in the message. Instead, contact the institution using their officially published phone number or website and ask for instructions.
    4. Saint Mary's Information Technology will not send e-mail to students, faculty, or staff regarding their network accounts without providing detailed contact information in a signature that you can confirm via the Saint Mary's Online Phonebook. (http://eureka.saintmarys.edu/phonebook/)
    5. To change your Saint Mary's password, please visit http://www.saintmarys.edu/account. If you have responded to a phishing scam, change your password immediately.
    6. While Saint Mary's College and Google Apps for Education attempt to block fraudulent messages before they reach your e-mail inboxes, scammers try to be one step ahead of the e-mail filters. If you receive a phishing e-mail, simply delete the message.
    7. The SonicWALL Phishing and Spam IQ Quiz tests how well you can identify a legitimate e-mail from a phishing scam. http://www.sonicwall.com/phishing/
    8. When Saint Mary's Information Technology or Google Apps for Education discovers that an e-mail account has been compromised (usually as a result of a phishing scam), the account will be locked to prevent further access. While this stops the person with your account from doing further damage (including deleting messages in your account, reading any messages in the account to cull personal information, changing the account settings, and sending excessive amounts of phishing and spam messages), it will also prevent the owner of the account from accessing their e-mail. If you suspect that Information Technology has locked your account, please contact ResNet (students) or the Helpdesk (faculty and staff) for information on setting up an appointment to have your account restored to your control. Appointments should be expected to last an hour, and you will need to bring government-issued identification with you. (Appointments are required for addressing compromised accounts, walk-in requests for assistance cannot be accommodated.)
    9. If an account is compromised and phishing and spam messages are sent, Internet Service Providers (ISPs) or e-mail hosting services may decide to block all messages from the domain the messages are from (saintmarys.edu) to protect their customers. Hotmail, MSN, Live, AOL, AT&T, and SBCGlobal have repeatedly blocked/blacklisted saintmarys.edu after one of our accounts has been compromised, preventing any messages with a saintmarys.edu address from going through to the intended recipients. Information Technology works with the ISPs to remove our domain (saintmarys.edu) from blacklists when this occurs.
    10. Saint Mary's College has multiple students, faculty, and staff reply to phishing scams with their personal information annually. Information Technology cannot stress enough that we will never ask for your password or other personal information over e-mail or via a Google Form.
    11. Examples of phishing scam subject lines:
      • Hello saintmarys.edu User
      • Email Alert
      • RECONFIRM YOUR WEBMAIL ACCOUNT
      • Dear Webmail/E-mail User
      • Account Upgrade/Maintenance
      • Mailbox Upgrade
      • Security Alert
      • Saint Mary's College Webmail Login Service Online Customer Support Update 2010
      • Attention Email Account holder
      • Dear Staff/Student
      • UPDATE YOUR WEBMAIL QUOTA NOW!!!
      • Quarantine Summary Digest
      • Dear Webmail User
      • ACCOUNT MAINTENANCE & UPGRADE!!
      • Mailbox Update
      • Weekly Email Maintenance!!
      • Maintenance Update!!
      • Mailbox has Exceeded Storage Limit
      • YOUR EDU. ACCOUNT CONFIRMATION. ! ! !
      • Confirm your Saintmarys.Edu Email Account Now!
      • EMAIL ACCOUNT MAINTENANCE
      • Alert: Mail Quota
      • Verify Your E-mail Account
      • FINAL VERIFICATION OF YOUR EMAIL ACCOUNT
      • Account Confirmation {Account Expires in 4 days}
      • Confirm Your Account Details
      • E-mail Account Maintenance
      • TOP URGENT!!! (Please Verify Your Account Immediately)
      • Verify Your E-mail Account/Block Spam
      • Your Account
      • Alert: Mail Quota
      • Confirm Email Account
      • Verify Your E-mail Account
      • UPDATE YOUR WEBMAIL ACCOUNT DETAILS !!!

    12. Examples of signatures or "from" names for phishing scams:
      • saintmarys.edu Webmaster Service
      • Webmail Help Desk Support
      • ITS Help Desk
      • WEBMAIL SERVICE CENTER
      • 2010 Account Upgrade
      • Web Support Team
      • Saint Mary's College Webmail Login Service Online Customer Support Update
      • Help Desk Team
      • Helpdesk Team
      • IT Help Desk
      • saintmarys.edu ACCOUNT SUPPORT TEAM
      • McAfee Secure Internet Gateway
      • Edu Account Upgrade Team
      • EDU ACCOUNT UPGRADE TEAM
      • Leboyd Nichole, Webmail Administrator.
      • Webmail Support Team
      • Webmail Helpdesk
      • Technical Support Team
      • WEBMASTER SUPPORT TEAM.
      • Webmail Help Desk.
      • Mail Administrator
      • IT Service
      • Support Team
      • Saintmarys.edu Web Team
      • Saintmarys.edu Support Team

    13. For more information, please visit:

Last Modified July 23, 2014