Phishing Scam

Beware of Phishing Schemes

We have been receiving more frequent questions from concerned staff recently about emails they are receiving asking that they send someone or some group (ostensibly at PSU) their userid and password information. These requests can look very much legitimate using key phrases, buzz words specific to PSU and even spoofing email addresses to make it look like they come from reliable sources within PSU. We wanted to take a moment to reassure you that NOBODY at PSU will ever ask for your password information. These kinds of emails fall into a category called “Phishing Schemes.” You can read more about these kind of schemes at PSU’s Take Control Site: PSU Take Control (click on the “Phishing Tips” link on the left). You can also read about Phishing schemes in more detail on Wikipedia 

One thing we want everyone to understand is the difference between these Phishing Schemes and valid emails from PSU. It is an ITS policy that your main password (your Access Account password) with ITS must be changed once every 365 days. You may see emails from the ITS office indicating that your password is going to expire and that you need to visit their site in order to change it. The email still will NOT ask you for your password information. Instead it will simply direct you to visit work.psu.edu where you can log in with your current Access Account password and then change it. This is a valid request and something you need to do once a year.