Who is the email from?
From:fields may contain false information! Due to insecurities in the internet email protocol, most of the information in an email message can be faked by the sender. The fields which are harder to change are typically not displayed by most email clients, and their interpretation can be confusing to many users.
- Be wary of emails that purport to come from the Lab Staff (or other account managers) and warn of dire consequences which can be avoided by replying to the email to verify your account information.
- Many phishing scams will fake the
From:field to make it appear as if the email is coming from a trusted source. However, when the message is replied to, a slightly different, non-local address will appear as the recipient. This is accomplished by including a
Reply-To:header, which is typically not displayed by most email clients.
- The CS Lab staff will never ask you to provide your password in an email.
Users should be aware of these situations, as there is no easy technical fix. Phishing relies on psychological attacks to compel users to voluntarily surrender important information. If you have any questions or encounter an email you are unsure of, please feel free to contact the Lab Staff before replying to the message.