The Office of Information Technology Services (OITS) received many inquiries regarding a recent phishing communication that the College Community received. The good news is that this communication was generated from OITS as an internal exercise in order to keep you informed about phishing scams and identity threats that have become more prevalent. We hope this exercise didn’t interrupt your daily activities. We are pleased that many of you contacted OITS regarding this suspicious communication.
There were certain key elements that should have triggered you to realize the communication you received was not a legitimate CSI email:
1. The From field contained the email address Postmaster.firstname.lastname@example.org
2. Take note of the address Postmaster.email@example.com. That should have been a clear give away.
3. If you clicked on the “Click here to verify your account” link, you were brought to a page that had: https://csi.ddnsfree.com/ as the URL (address) of the Outlook Web App page.
Also, if you clicked on the “Click here to verify your account” link, you were brought to a page that had no CSI branding.
OITS hopes that you found this exercise helpful. Please be cautious whenever you enter personal identifiable information. Because of our busy lives and the flood of emails we receive, it is very easy to fall into the phishing trap. Be aware of the communications you receive and if you are not sure of their legitimacy, contact the HelpDesk immediately at 718.982.HELP or firstname.lastname@example.org.