Phishing and Spam Emails


While there are many tools in place to filter and block a large volume of phishing or spam emails, some of these messages may be delivered to your inbox. Make sure you understand the difference between a spam and phishing email and how to handle each type of message.

On this page

Spam emails

Spam emails, also known as junk emails, are unsolicited commercial emails, often from an individual or company trying to sell you something. While these emails can be a nuisance, the senders rarely try to acquire sensitive information from you, such as your account password; however, they may try to acquire personal information, such as your date of birth or home address.

Received a spam email?

If a spam email is delivered to your inbox, you can report it to Microsoft by forwarding the message to You can also right-click the message and click Block Sender to prevent the sender from emailing you again.

Phishing emails

Phishing emails attempt to steal your confidential information by directing you to a fake website that asks you to provide personal information, such as a password, credit card or bank account number.

Occasionally, you may receive a phishing email in your University email account. These messages often direct you to a fake sign-in page and ask you to provide your MultiPass password.

Received a phishing email?

If you have received a message that you believe is phishing, follow the steps below to report it to the Computing and Technology Services (CTS) Help Desk:

  1. Obtain the message headers from the email. This information allows CTS to investigate how the email entered our mail environment and prevent future phishing emails from being delivered to campus.
  2. Forward the phishing email and message headers to
  3. Delete the phishing email.

For an updated list of phishing emails, click here or visit our Twitter account (@DuqCTS).

Responded to a phishing or spam email?

Replying to phishing emails always results in your password being stolen. If you believe you responded to a phishing email, follow the steps below to resecure your Duquesne accounts.

Step 1: Secure Your MultiPass Account

Visit to reset your MultiPass password and secret question answers IMMEDIATELY. Also, reset your password for any personal accounts that may have used a password similar to your MultiPass account password.

Step 2: Secure Your Email Account

Verify that no suspicious inbox rules or forwards have been placed on your Duquesne University email account. Visit to perform these steps.

Step 3: Secure Your Computer

If your computer has been infected with spyware or malware, perform an antivirus scan. If you do not have an antivirus program installed on your computer, CTS recommends Sophos Home edition.