E-mail alert: May 12, 2008

Some UCSD e-mail users have received messages purporting to be from "ACS WebMail" or "the UCSD team" asking for account or e-mail address confirmation.

These are not legitimate messages from UCSD but an attempt by spammers to illegally obtain your private information. Do not respond; delete the messages.

UCSD will never ask you to send private information over e-mail.

If you already responded with any information, immediately change your username/ password for those accounts.

See instructions for changing:

• Network (popmail) username/ password
• Active Directory (Exchange) username/ password

Contact your department's system administrator or the ACT Help Desk if you have questions or use any other departmental e-mail accounts.

Don't be fooled by phishing, a type of e-mail fraud that aims to collect personal data for purposes of identity theft.

Phishing messages look as if they're from a legitimate enterprise, such as UCSD, a bank, or a credit card company. They usually claim there's a problem with your account and ask you to follow a link to the company's Web site, where you're asked to enter personal information (e.g., account numbers, passwords, or PINs). The linked Web site is an authentic-looking counterfeit.

Legitimate businesses never e-mail you to update their records. Because fake Web sites look legitimate and borrow the names of well-known companies, phishing scams reportedly lure in 5% of e-mail recipients.

If you get suspicious e-mail:

• Don't follow links to a Web page. Instead, check the company's Web site by typing the URL in your browser or call the company directly.
• Don't fill out any e-mailed forms that ask for personal or financial information.
• Delete the message.

Resources:

• Anti-Phishing Working Group
• Identity Theft Victims Guide, by the Privacy Rights Clearing House and CALPIRG
• MillerSmilesCo.UK, archive of spoof e-mail and phishing scams

Questions? Contact the ACT Help Desk, (858) 534-1853.