Wednesday, November 30, 2011

E-mail Spam, Scams, and Phishing Attacks When to Contact the HelpDesk?

If you think it might be spam, it probably is!

CIT offers three tiers of e-mail protection for faculty and staff.  At the top tier, all incoming mail must pass through the Barracuda spam firewall.  The firewall currently blocks about 80% of incoming mail.  The second tier allows individuals to access the Barracuda firewall and manage spam filtering on their own account.  At the third tier, individuals can use the Junk Mail Handling settings within GroupWise (note: CIT does *not* recommend using the Block List function in GroupWise).  If an individual is not personally configuring Barracuda or GroupWise Junk Mail Handling, spam is still being rejected at the first tier by the Barracuda firewall.  You are not required to use these tools but they are available.

Click HERE for more information on the Barracuda spam firewall

Unfortunately CIT cannot guarantee that all spam, scams, and phishing attempts will be blocked.  There must be a balance between allowing legitimate traffic through the firewall and blocking spam.  Sometimes CIT is able to target and block specific phishing attacks but not always, since the sender’s e-mail address or the content within the message can fluctuate. 

When should you contact the HelpDesk?

You do not need to contact the HelpDesk or forward e-mails that contain unsolicited spam/junk. 

  • Advertisements
  • Requests for a response such as “I came across your profile and really want to chat, please respond….”
  • Bounce messages for e-mails that you did not send
  • "Cool job offer" type announcements
  • Messages that inform you that you have won a lottery or are inheriting a large sum from overseas

You may forward the HelpDesk e-mails that contain a “phishing attack” – e-mails that ask you to respond with the following information:

  • Username and password
  • Social Security number
  • Account number

What should you do if you responded to a phishing attack?

If you got "hooked", you should immediately change your Calvin passphrase.  Contact the HelpDesk if you would like assistance.  You should also check your other e-mail and financial accounts for suspicious activity and change those passwords as well.

What can you do if you are not sure whether an e-mail is legit?

If you are receiving messages from a financial institution or regarding any other non-CIT account and are not sure if the message is legitimate, the best course of action is to access your account directly and see if any action is needed.  For example, if you receive a message that claims to be from PayPal, do not respond to that message or click a link in that message, but go directly to, login, and see if there are any alerts or notices available.  You can also call the company directly using a number from their web site or phone book (do not call a phone number given in the e-mail).

E-mails that appear to be from CIT or the HelpDesk

Occasionally you may receive spam or phishing attacks that appear to be from CIT.  CIT will never ask you to provide your login information via e-mail or require you to provide any account numbers or a full SSN.  Even if the e-mail is from an "" address, if it is asking you to respond with login info or personal info, it is not legitimate and did not come from CIT.

These are examples of legitimate e-mail communications from the HelpDesk:

  • Your Calvin passphrase expires once a year (or 90 days for employees working with credit card processing).  You will receive notices from CIT as the expiration date draws near.  You are not required to respond to these messages and can change your passphrase at
  • When you contact the HelpDesk you will receive automated e-mails regarding the status of a work order.  These e-mails are from the address "" and always contain a valid “work order number” (#002 - - - - -).  These e-mails notify you of when a work order has been opened or closed, or if more information is needed.
  • The HelpDesk sends important alerts regarding service outages from the address “”.
  • Any valid communication from the HelpDesk address will always be signed with the technician’s name followed by “CIT HelpDesk” and a formal signature including the HelpDesk’s contact information.
  • CIT will post announcements to Calvin-Students and Calvin-News from the address “” and the heading of the message will begin with “CIT:….”

More Information

Phishing Attacks

E-mail and Personally Identifiable Information