How can I tell if e-mail is legitimate or a spam or scam?
First, any e-mail asking for a password or other security data is almost certainly a scam. Don’t ever respond to that type of e-mail; just delete it.
Second, go to K-State’s IT security blog at threats.itsecurity.k-state.edu and search for a few keywords from the e-mail’s subject line.
For example, an e-mail seen at K-State April 24 had a subject line saying “ROUTINE MAINTENANCE FROM IT DESK”. A short search for “routine maintenance” on the security blog found a page about that particular spear-phishing scam.
Third, if you’re still in doubt, contact K-State’s IT Help Desk, 785-532-7722, helpdesk@k-state.edu.
More e-mail security tips:
- The latest spam-phishing attempts seen at K-State are posted on the right side of the IT security blog, which is updated frequently.
- When in doubt, don’t click. Even if a suspicious e-mail isn’t a scam, it could be another type of security risk (see K-State’s malware list).
- For more precautions, see How to identify a scam on the IT security site.