Many members of the CUA community are receiving junk e-mail (spam) that claims to be from the CUA Help Desk or "management," asking users to confirm their CUA username and password. Often, the pretext given in these junk e-mail messages is a system upgrade or potential violation of terms and conditions. These messages are scams designed to "phish" (fish) for your logon credentials in order to compromise the computer systems.

CPIT never sends bulk e-mail asking for details about computer user accounts.

Messages like these are junk e-mail "phishing" attempts and should never be replied to.

Here are some general tips for avoiding junk e-mail scams designed to steal a user's identity:

• Be suspicious of any e-mail that requests you to reply with a user name or password or personal financial information no matter how realistic the pretext--do not reply to the message or click links that it may contain.
  

• Always be sure to run anti-virus and anti-spyware software on CUA networked computers and keep them updated. (Note that desktop and notebook computers deployed by CPIT are already configured with this software.)
  

• Always ensure that a Web site is secure (HTTPS) when submitting credit card or other sensitive information via a Web browser. Use your browser to check the site's security certificate to make sure that it is registered to the company that owns the web site you are accessing.
  

• Don't click on the links in an e-mail or instant message to get to any Web page if you suspect the message might not be authentic or you don't know the sender or user's screen name.

If you have any question about the validity of an e-mail message that you receive at your cua.edu address, or if you have replied to one of these scam messages, please contact CPIT's Information Center Help Desk at 202-319-4357 (-HELP).