Phishing Reminder

Fall Student Technology Fair

Reference Portal

Shibboleth

RefWorks

New Email Web Site

Internet2 at Johns Hopkins

HopkinsONE

Print This Page

Administrative Applications

Clinical Applications

Enterprise Services

Student Services

Support

Teaching & Learning

Important Reminder About Email-based Phishing Attempts

Dear Faculty, Staff, and Students:

Over the past week, we have observed an increase in e-mail-based phishing attacks designed to solicit account ID and password information from members of the Johns Hopkins community.

Phishing (pronounced "fishing") is a form of identity theft that attempts to trick people into revealing personal or financial information online. Phishers use phony Web sites or e-mail messages that appear to be from trusted businesses and brands in order to steal personal information such as usernames, passwords, credit card numbers or Social Security numbers.

The messages can be hard to recognize as fake, because they appear to come from known sources with familiar logos and screen shots. The more familiar a message looks, the more susceptible people may be to performing actions suggested in the message.

Recent phishing messages received at Johns Hopkins claim to originate from "Jhu Webmail Support Team", "Web Mail @jhu.edu", or an individual Johns Hopkins email address. The subject lines say, "Confirm Your Web-Mail Account”, “======>Web Mail @jhu.edu or "Dear jhu Webmail User" and include a request to respond with information such as username, password and date of birth.

Do NOT respond to e-mail messages that ask you to provide or verify your personal information. Do NOT follow any directions contained in such messages.

Financial institutions and other legitimate businesses -- including Johns Hopkins -- generally will not send e-mail messages requesting that type of information. Furthermore, legitimate internal Johns Hopkins messages about access to IT resources should provide contact information for you to use to get in touch with someone if you have questions. They would also have specific information regarding access. Information technology departments within Johns Hopkins would provide as much notice as possible about outages or changes to your account.

More information can be found at the following web sites:

http://www.antiphishing.org
http://www.microsoft.com/protect/yourself/phishing/identify.mspx