Information Technology Services - Computing, Networking and Storage
print this page   email this page

ITS Announcements

Phishing Email Warning (Updated October 22)

Please be advised that many illegitimate email messages are sent to USC account holders with variations of the Subject line: Re-Activate Your Account. These phishing schemes are attempts to steal your personal information through legitimate-looking email messages. The messages urge recipients to reply by email and include their USC password and other personal information.

Neither USC nor ITS will ever request that you submit personal information, including any passwords, over email.

When you receive questionable email, be sure to examine the email header and the Reply-to address. Most of the phishing email that USC account holders receive is sent from commercial email addresses, such as live.com. ITS will never send you email from a non-USC email address.

If you have responded to a phishing scheme by submitting information about your USC password, you should immediately go to https://www.usc.edu/its/password to change your USC password. If you are unable to change your USC password, contact the ITS Customer Support Center at 213-740-5555 as soon as possible.

You should also beware of clicking links in suspicious email messages, since links may direct you to illegitimate websites. In the past, USC account holders have received email requesting that they use an embedded link to verify their password. The embedded link led to a fraudulent USC login page.

To report a possible phishing attempt, forward the email to security@usc.edu. To report spam (or unwanted advertising), send the email to missedspam@usc.edu.

To learn more about phishing, see the About Phishing documentation on the ITS website.

Below you will find a summary of some recent phishing attempts.

In October 2009, some USC account holders received email from various non-USC .edu addresses with the Subject line: "System Administrator." These messages notified recipients that their email quota had been exceeded and urged recipients to click a link to request additional storage space.

On January 28, 2009, some USC account holders received email with the Subject line "Request" requesting that users send their email account details. The Reply-to field is actually verify@emailsupports.com and the From field is Systems Administrator [mailto:admin@imingo.net].

On January 26, 2009, some USC account holders received email with the Subject line "Account Verification Update" requesting that users send their email account details. The Reply-to field is actually it_service10@yahoo.com and the From field is WEBMAIL Help Desk Info@upgrade.com.

On January 26, 2009, some USC account holders received email with the Subject line "Read our latest news." requesting that users click a link to read important news. The From field is University of Southern California info@usc.edu. The phishing link is
http://www.usc-portal.com/news/.

On August 29, 2008, some USC account holders received email with the Subject line "Dear Webmail account Owner" requesting that users send their email account details. The Reply-to field is actually customer212@live.com and the From field is customer212@live.com.

On August 27, 2008, some USC account holders received email with the Subject line "Verify Your usc.edu Email Account Now!" requesting that users send their email account details. The Reply-to field is actually customerunit@administrativos.com and the From field is "usc.edu Billing Department" info@usc.edu.

On August 25, 2008, some USC account holders received email with the Subject line "University Of Southern California Email Service" requesting that users send their email account details. The Reply-to field is actually webmaster.service.edu@googlemail.com and the From field is helpdesk@usc.edu.

On June 26, 2008, some USC email account holders received an email with the Subject line "Confirm Your Account" requesting that users send their email account details. The Reply-to field is support.team1@live.com and the From field is USC SUPPORT TEAM.

On June 21, 2008, some USC email account holders received an email with the Subject line "Dear usc Webmail Subscriber" requesting that users click a link or reply to the email to confirm the status of their email account. The Reply-to field is usersubsriberguide@gmail.com and the From field is ACCOUNTMANAGER greer1tr@cmich.edu.

On June 19, 2008, some USC account holders received email from CUSTOMERCARE@USC.EDU with the Subject line: ACCOUNT UPDATE. The Reply-to field is actually customer@accountcentre.ourprofile.info.

On January 21 and 24, 2008, phishing messages were received with the Subject line "VERIFY YOUR USC EMAIL ACCOUNT NOW." These messages were mailed from non-USC email addresses, such as accountupgrades2008@live.com.

Updated on October 22, 2009 12:55 PM |