OIT issues warning on fake UTSA e-mails

By Alex Morones
Technical Writer and Editor, Office of Information Technology

(June 12, 2008)--The UTSA Office of Information Technology (OIT) has issued a warning about spoof e-mail messages that say they come from "UTSA Maintenance," which is not a valid e-mail address and is not a UTSA department.

This latest round of spoof messages claims that personal information is needed in order to "help fight against spam mails." The e-mail also has many misspellings. The message requests a user's password, secret question and date of birth, among other items. OIT will never ask for this information via e-mail or phone.

>> View the fake UTSA e-mail that some UTSA employees received this week.

The e-mail is an example of "phishing" -- an attempt to get users to reveal personal information. Phishing attempts can come from various senders with varied subject lines. Providing personal information in response to a phishing e-mail message can make you a victim of identity theft.

For more information, visit the UTSA Office of Information Technology Web site.

-------------------------------

How to spot a spoof or phishing e-mail message

• Appears to be sent from an address other than "Office of Information Technology" (examples: admin@utsa.edu, info@utsa.edu, support@utsa.edu or maintenance@utsa.edu)
• Contains misspelled words and poor grammar (many phishing attempts are created by non-native English speakers)
• Asks you to provide personally identifiable information such as user ID or password (Note: UTSA's network technicians will never ask you to provide your password over the phone or via e-mail.)
• Asks you to click on a link or attachment to provide information