SPAM, Phishing and Other Stories
Attackers are constantly testing to see if they can gain something from us - it could be information, money, credentials, or access. This can come in the form of SPAM (or junk mail), phishing (email or phone impersonation), or via social media or sharing sites. It is important that you stay aware of the risks, and question clicking links, answering emails, or giving information to an unknown, incoming phone caller.
What can be done to limit my risk?
The University is constantly trying to reduce the risks attributable to spam, phishing and other exploits.
- University Anti-Spam efforts
- University Phishing Awareness campaign
- Forward SPAM or Phishing Email to UIT Information Security
- The University has also added a "Phish Reporter Button" to Outlook
- Pick a strong password for all your accounts and ensure the password for your SUNet ID is different than every other password you have
- Stanford also provides free Dashlane Password Manager accounts to current faculty, staff, and students
What should I do if I've made a mistake and given up information or access?
If you accidentally replied to a scammer, visited a fake website, and/or may have supplied them with any of your personal information including email or password:
- Change your SUNet ID password at accounts.stanford.edu
- For a compromise of High Risk data, contact the University Privacy Office as soon as possible
- For compromised user accounts or devices (or if you accidentally allowed someone to control your computer), submit a ticket to your local IT Support or to the University Information Security Office
