Drexel is a large institution, and like all organizations of this size, is a constant target for phishing attempts.  With the information below and a little common sense, you can prevent yourself from becoming a victim of phishing.

The COE Helpdesk or Drexel’s Office of Information Technology and Resources will NEVER email or call you requesting your user name and password.

Any email that requests personal information is fraudulent.  No legitimate email from us will ever be from an address starting with “noreply@” or ending with a domain.  Although we sometimes make mistakes, our legitimate emails will not be riddled with spelling and grammatical errors.  Also, we will always include some form of personal contact info, and will not sign legitimate emails as “Drexel administrator” or other impersonal titles.

Examples of continued scams include notices that your account will be shut down or suspended unless you reply, fake invoices claiming that there was a problem charging your card, and shipping notifications for products you did not order.  All of these are attempts to either trick you into clicking a link or replying with personal information.

Most of these types of emails are filtered out by our spam/malware filtering system (by default, every account receives a daily Spam Quarantine Summary).  However, every once in a while, the spammers manage to slip a few through.  You do not need to forward them to the helpdesk asking if they are spam.

If you do accidentally reply to one of these emails, please let us know immediately so we can begin the process of locking your account against unauthorized access.  If you do accidentally click on a link and your computer begins to act strangely, please let us know immediately so we can begin the process of identifying and removing the infection.