Email Share
Close
E-mail It

NOTE: Recipients' Email Address currently accepts only 5 email addresses separated by commas.

Information Technology Department

Announcements

Phishing Email

Dear HSPH Community,

Recently emails have been going around from "support@harvard.edu" or "webmaster@hsph.harvard.edu" (or the like) which threatens to close your account unless you submit your password to them. 

Please be advised that this is a hoax email that is meant to trick you into giving your password away.

It was not sent out by our department and should be deleted right away if received. 

We have already taken steps to block this email from our server but the users who may have received it already should simply delete the email. Please remember that we would NEVER ask you for any of your passwords and any email which does so should be looked upon with suspicion.

Please feel free to contact us at helpdesk@hsph.harvard.edu or 617-432-4357 if you have any questions regarding this matter. Below is a copy of what the hoax email may look like.

Sincerely,
HSPH IT HELPDESK
617-432-4357

 

Example Emails:

-----------------------------------------------------------------------------------------------------

Harvard School of Public Health <webmaster@hsph.harvard.edu> 6/23/2008 9:50 AM

Dear HSPH Webmail Account Owner,

This message is from HSPH messaging center to all HSPH email account owners.
We are currently upgrading our data base and e-mail account center. We are
deleting all unused HSPH email account to create more space for new accounts.

To prevent your account from closing you will have to update it below so that
we will know that  it's a present used account.
 
CONFIRM YOUR EMAIL IDENTITY BELOW:
 
Your Name:
Email Username :
Email Password :

Warning!!! Account owner that refuses to update his or her account within
Seven days of receiving this warning will lose his or her account
permanently.

Thank you for using HSPH Webmail!

Warning Code:VX2G99AAJ
 
Thanks,

HSPH Webmail Team
http://www.hsph.harvard.edu/

-----------------------------------------------------------------------------------------------------

From: "harvard.edu" <support@Harvard.Edu>
Subject: Confirm Your E-mail Address

Dear User,

We wrote to you on 30th january 2008 advising that you change the
password on your account in order to prevent any unauthorised
account access following the network intrusion we previously
communicated.

Whilst we have found the vulnerability that caused this issue, and have
instigated a system wide security audit to improve and enhance our
current security.

To complete your harvard account, you must reply to this email
immediately and enter your password here (*********)

Failure to do this will immediately render your account
deactivated from our database.

We apologise for the inconvenience that this will cause you during this
period, but trust you understand that our primary concern is for our
customers and for the security of their data.
our customers are totally secure.

--------------------------------------------------------------------------------------------------