Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click.  UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Hello" Phishing Scam

The message below was most certainly not sent by UVM's President.  

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click.  UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Webs 3.0 Support Center" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Your mailbox " Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "50MB Storage" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Importantant message from webmaster" and "Activate Your Account!!" Phishing Scam

This message is an all-in-one phishing scam, containing at least four bogus reasons (TOS violation, suspicious activity, verifying all account(s), efficiency, a database upgrade) to click on the link.  And 48 hours becomes "immediately" within the span of two paragraphs.   The Subject line varies. 

UVM will never send you email directing you to a non-UVM web page for any account-related function.   

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Incident INC000090173: ITS- Service Information" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "University of Vermont,Information Technology Services." Phishing Scam

This message appears to come from a uvm.edu address, but that is a forgery.  Hovering your cursor over the link shows that it would take you to a non-UVM web site, at 123contactform.com/.  The message also contains a stolen UVM graphic (not shown below). 

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Notice!" Phishing Scam

The link in this message appears to go to a uvm.edu address, uvm.edu/activate, but hovering your cursor over the link shows that it really would take you to a non-UVM web site, penicandrarini.com/tech-port/.  

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

Here are three samples showing variations of the Dear Valued Subscriber scam:

From: "Maricela Lovera Sanchez" <mlovera@gruporimsa.com.mx>
Subject: Attn:Dear Valued Suscriber,
Date: April 24, 2013 7:39:26 PM EDT



Your E-mail Account needs to be updated with our F-Secure R-HTK4S new version anti-spam/anti-virus/anti-spyware. Please click this link below: hxxp://infomailaccount777.webs.com/

We Are Sorry For Any Inconvenience.

Regards,
WEBMAIL ADMINISTRATOR
Copyright 2013
All rights reserved.ABN 31 088 377 860 All Rights Reserved

--------------------------------------------------

From: "Maricela Lovera Sanchez"
Subject: Dear Valued Suscriber,
Date: March 25, 2013 8:15:00 PM EDT


Your E-mail Account needs to be updated with our F-Secure R-HTK4S new version anti-spam/anti-virus/anti-spyware. Please click this link below: hxxp://customercareaccountinfo.webs.com/

We Are Sorry For Any Inconvenience.

Regards,
WEBMAIL ADMINISTRATOR
Copyright 2013
All rights reserved.ABN 31 088 377 860 All Rights Reserved

--------------------------------------------------------------------------------

Subject:    Dear Valued UVM.EDU Suscriber,
Date:    Wed, 27 Mar 2013 03:27:24 -0400
From:    UVM.EDU Customer Care
Reply-To:    upgradeaccount2012@live.com

--
Your E-mail Account needs to be updated with our F-Secure R-HTK4S new  
version anti-spam/anti-virus/anti-spyware. Please click

this link below:hxxp://customercareaccountinfo.webs.com/

We Are Sorry For Any Inconvenience.

Regards,
WEBMAIL ADMINISTRATOR
Copyright 2013
All rights reserved.ABN 31 088 377 860 All Rights Reserved

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam. 

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click.  UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Announcement" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Your e-mail will expire soon!" Phishing Scam

The "[SPAM?:##]" notation in this message's Subject line shows that UVM's spam filtering software, Pure Message, has analyzed the message and determined with a fair level of confidence that it is spam or a scam of some sort.  You can keep messages like that out of your Inbox by going to the UVM Net-ID account management page, www.uvm.edu/account, and clicking on "Spam and virus settings."  Choose a threshold of 50.  

• Expect to receive email soliciting donations to aid the victims, or perhaps first responders.   Even if you're familiar with the charity, don't contribute by clicking on links in emails; go directly to the charity's web site.  
• Avoid text-message scams in which texting to a certain number contributes to a charity.  Again, go to the charity's web site to confirm the campaign.  
• When searching for news, go directly to sites such as www.nytimes.com, or use familiar, reputable search sites like news.google.com.  Even reputable search services can offer links to malicious web sites, so as you consider your search results, click only on familiar sites. 
• Don't click links in email messages that claim to offer news, photos, or video (see the example below).

If you do receive scam emails, you can protect others by forwarding the messages, as attachments if possible, to is-spam@labs.sophos.com.

Here is an example of a scam received April 17: 

From: "Donald Ames"
Subject: Video of Explosion at the Boston Marathon 2013
Date: April 17, 2013 5:05:31 AM EDT
To:


hxxp://78.90.133.133/boston.html

Update, April 17:  A scam email campaign is using a variety of email Subject lines, including the following:

o    “2 Explosions at Boston Marathon”
o    “Aftermath to explosion at Boston Marathon”
o    “Boston Explosion Caught on Video"
o    "BREAKING - Boston Marathon Explosion"
o    "Video of Explosion at the Boston Marathon 2013"
o    "Runner captures. Marathon Explosion"
o     2 Explosions at Boston Marathon
o    Aftermath to explosion at Boston Marathon
o    Arbitron. Dial Global. Boston Bombings
o    Boston Explosion Caught on Video
o    BREAKING - Boston Marathon Explosion
o    Explosion at Boston Marathon
o    Explosion at the Boston Marathon
o    Explosions at Boston Marathon
o    Explosions at the Boston Marathon
o    Opinion: Boston Marathon Explosions made by radical Gays? Really? - CNN.com
o    Opinion: Boston Marathon Explosions - Romney Benefits? - CNN.com
o    Opinion: Boston Marathon Worse Sensation - Osama bin Laden still alive!? - CNN.com
o    Opinion: FBI knew about bombs 3 days before Boston Marathon - Why and Who Benefits? - CNN.com
o    Opinion: Osama Bin Laden video about Boston Marathon Explosions - bad news for all the world. - CNN.com

If you receive email with one of these Subject lines, or similar, do not click on any links contained in the message.  Clicking on the links in these messages infects your computer with malicious software by exploiting a Java vulnerability. 

Update, April 19: A similar spam campaign is expoiting the Waco, TX fertilizer plant explosion. 

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Mailbox Capacity Exceeded" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Webs 3.0 Support Center" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "UPDATE YOUR WEBMAIL ACCOUNT" Phishing Scam

The "Dear e-mail account holder‏‏" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam.  Email security updates are applied by UVM system administrators, with no action required on your part. 

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Verify your email address" Phishing Scam

The "Automatic security update‏‏" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Web-mail Box Security Alert" Phishing Scam

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

Here are two samples showing variations of the Dear Valued Subscriber scam:

From: "Maricela Lovera Sanchez"
Subject: Dear Valued Suscriber,
Date: March 25, 2013 8:15:00 PM EDT


Your E-mail Account needs to be updated with our F-Secure R-HTK4S new version anti-spam/anti-virus/anti-spyware. Please click this link below: hxxp://customercareaccountinfo.webs.com/

We Are Sorry For Any Inconvenience.

Regards,
WEBMAIL ADMINISTRATOR
Copyright 2013
All rights reserved.ABN 31 088 377 860 All Rights Reserved

Subject:    Dear Valued UVM.EDU Suscriber,
Date:    Wed, 27 Mar 2013 03:27:24 -0400
From:    UVM.EDU Customer Care <xxxxxx@uvm.edu>
Reply-To:    upgradeaccount2012@live.com

--
Your E-mail Account needs to be updated with our F-Secure R-HTK4S new  
version anti-spam/anti-virus/anti-spyware. Please click

this link below:hxxp://customercareaccountinfo.webs.com/

We Are Sorry For Any Inconvenience.

Regards,
WEBMAIL ADMINISTRATOR
Copyright 2013
All rights reserved.ABN 31 088 377 860 All Rights Reserved

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The "Warning!" and "Final Warning!" Phishing Scams

Here is the phishing message some of us received recently. The Subject line may vary.

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The " Verify Your e-mail Immediately" and "Email Action Required!(VERIFY)" Phishing Scams

Here is the phishing message some of us received recently. The Subject line may vary, and in later versions, "UVM" is spelled correctly.

Do you use Adobe Reader or Adobe Acrobat?  (Reader is used to view PDF files, and Acrobat is used to create them.)   Please be especially cautious about PDF files you receive as email attachments or download from web sites, since both Reader and Acrobat, on Windows and Macintosh alike, have security flaws that cyber criminals are actively taking advantage of to infect computers with malicious software.  Adobe has not yet released a fix for these flaws.  Here are steps you can take to protect yourself until a fix is released.  

For Windows computers:

Protected View is a safety feature found in Reader XI (11.x) and Acrobat version XI.  In the Protected View, a yellow bar displays on top of the Reader window, and while you can still read PDF files, some others features are not available.  You can explicitly enable features for documents you trust.  

If your Windows computer is joined to the Campus domain, ETS will push an update on Tuesday, Feb. 19 that will turn on Protected View.  No further action is required on your part.  

If your Windows computer is not joined to the Campus domain, and it is running Reader XI or Acrobat XI, you can turn on Protected View yourself by following Adobe's instructions for Acrobat and Reader.   If your computer's version of Reader or Acrobat is older than XI, upgrade to XI and turn on Protected View.  

For Macintosh computers:  

Use the Preview application to view and manipulate PDF files.  If you need to run Adobe Reader, it's time to upgrade to Reader XI.

Please email iso@uvm.edu with any questions or concerns.    

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do  not click links in such messages and do not reply.  Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click. 

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to <abuse@uvm.edu>.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The " UVM ITS ALERT!" Phishing Scam

Here is the phishing message some of us received recently. 

This message, like any other email that asks you to to enter your UVM password on a non-UVM web site, is a phishing scam. Do  not click links in such messages and do not reply.  

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to.  (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

The " Important Notice to ____.____@uvm.edu" Phishing Scam

Here is the phishing message some of us received recently.  

Wednesday, January 30 (1:00–2:00 p.m.,

Davis Center 411, Boulder Society Centennial Room)

Privacy Officers around the Virtual Water Cooler

with Merri Beth Lavagnino (Indiana University), Jane Rosenthal (University of Kansas), and Kent Wada (UCLA)

Get the inside scoop on how three higher education chief privacy officers are addressing the current privacy challenges on campus. Join us for this free hour-long webinar, "Privacy Officers around the Virtual Water Cooler."

We hope you can join us. 

Wednesday, January 9 (1:00–2:00 p.m., Davis Center 415, Handy Family Room): EDUCAUSE Live! webinar: Are You Smarter Than Your Phone? with special guest Rebecca Herold (the Privacy Professor)

Nearly everyone on a college campus today has a mobile phone, but how should you make use of your smartphone?

You are smarter than your phone if you use sound judgment about revealing your location. You’re smarter than your phone if you know you need to think critically about the sensitivity of the data you put on or access through your phone. You are smarter than your phone if you protect it with a password. If you’re not thinking critically about what you do with your phone, we’ll help you think again!

Wednesday, January 16 (1:00–2:00 p.m., Davis Center 415, Handy Family Room: IAM Online webinar: Scalable Privacy: An NSTIC Pilot Program for the Identity Ecosystem with Ken Klingenstein (Internet2)

Are you interested in providing users more control over privacy, including consenting to release of attributes and actively managing their identity in cyberspace? Would you like to hear about a national effort to build a consistent and robust privacy infrastructure? Learn how this federal pilot program will help develop tools and technologies to achieve these goals.

Wednesday, January 30 (1:00–2:00 p.m., Davis Center 411, Boulder Society Centennial Room): EDUCAUSE Policy webinar: It's Not Just Facebook!—What Every College Student Should Know About Online Privacy with Merri Beth Lavagnino (Indiana University), Jane Rosenthal (University of Kansas), and Kent Wada (UCLA)

Do you want to be targeted with advertisements? Should you care? Should your school be profiling your data to "help you succeed?"

Colleges and universities are beginning to follow the business world in "mining" the electronic habits and trails that we leave as we conduct our digital lives and, unless you understand at a basic level how this digital ecosystem works, you may be may be signing up for more than you bargained for. This week is focused on giving real examples of how your data is used, what new developments are happening that affect college students, and what choices you have.

If you'd prefer to watch at your desk, or to view archived versions after the live sessions, you can find the presentations on the EDUCAUSE Data Privacy web site.  

These presentations, and the related material on the EDUCAUSE web site, should be engaging, informative, and of direct benefit in carrying out our shared responsibilities in protecting the privacy and security of the University's information.  We hope you can join us. 

EDUCAUSE has additional suggestions for Data Privacy Month activities.  Please let us you if you'd like to work together on any of them.