IAS Security Hero

Protect yourself by avoiding "phishing"

Phishing is a term used to describe a scam, a malicious attempt aimed at trying to trick you into divulging sensitive information via electronic communication. One recent avenue for this type of attack is through emails appearing to come from your IT helpdesk requesting information, such as your username and password.

Please be aware that Computing staff from the Institute for Advanced Study will never request your username and password via email. Always be sure to contact your helpdesk directly if you receive an email asking you for this type of information to check for its legitimacy.

IAS Computing employs a system that compares all incoming emails against a third-party database of known threats, which is updated hourly. The goal of this system is to identify these malicious attempts prior to their being delivered to you. When we positively identify an incoming message to be malicious, we add a tag to the Subject line of the email that says "[Probable Scam]".

Most likely, your school's IT staff will also move these messages into your spam folder for you. It is strongly recommended that you not open the messages which have been identified as probable scams. If you feel a message has been improperly identified and want to release such a message from your Spam Quarantine, please contact your helpdesk for guidance prior to doing so.

Lastly, if you have responded to a phishing email, there is no need to panic. Please contact your helpdesk as soon as you can to have your password reset. Professional confidence artists are good at what they do, and it can be difficult to tell truth from fiction, especially when it comes to technology.