Phishing and Spam Emails
While there are many tools in place to filter and block a large volume of phishing or spam emails, some of these messages may be delivered to your inbox. Make sure you understand the difference between a spam and phishing email and how to handle each type of message.
Spam emails, also known as junk emails, are unsolicited commercial emails, often from an individual or company trying to sell you something. While these emails can be a nuisance, the senders rarely try to acquire sensitive information from you, such as your account password; however, they may try to acquire personal information, such as your date of birth or home address.
Received a Spam Email?
If a spam email is delivered to your inbox, you can report it to Microsoft by forwarding the message to email@example.com. You can also right-click the message and select Block Sender to prevent the sender from emailing you again.
Phishing emails attempt to steal your confidential information by directing you to a false website that asks you to provide personal information, such as a password, credit card or bank account number.
You may receive a phishing email in your university email account on occasion. These messages often direct you to a false login page and ask you to provide your MultiPass password.
BEWARE: replying to phishing emails will ALWAYS result in your password being stolen.
Received a Phishing Email?
If you have received a message that you believe is phishing, follow the steps below to report it to the CTS Help Desk:
- Obtain the message headers from the email in question. This information allows CTS to investigate how the email entered the mail environment and prevent future phishing emails from being delivered to campus.
- Forward the phishing email and message headers to firstname.lastname@example.org.
- Delete the phishing email.
Responded to a Phishing Email?
If you believe you have responded to a phishing email, follow the steps below:
Step 1: Secure Your MultiPass Account
Visit duq.edu/multipass to reset your MultiPass password and secret question answers IMMEDIATELY. Also, reset your password for any personal accounts that may have used a password similar to your MultiPass account password.
Step 2: Secure Your Email Account
Verify* that no suspicious inbox rules or forwards have been placed on your Duquesne University email account.
*You will need to perform these steps by visiting duq.edu/mail.
Step 3: Secure Your Computer
If your computer has been infected with spyware or malware, perform an antivirus scan. If you do not have an antivirus program installed on your computer, CTS recommends Sophos Home edition. For more information, visit duq.edu/sophos.