ITS alert: Phishing campaign imitates Penn State WebAccess login page

May 18, 2012

Penn State’s Information Technology Services (ITS) is warning members of the University community to be alert for a new email phishing scam designed to coerce faculty, staff and students into revealing their Penn State WebAccess login IDs and passwords. The scam email directs readers to a website that looks nearly identical to the University’s “thumbprint” WebAccess login page.

The emails may arrive with a subject line similar to “Fresh News!” and may contain text that asks the reader to "Please read our new and important news using the link below." Do not click on the link or reply to the message -- ITS strongly recommends that the messages be deleted. If you believe you did click on the link and entered your Penn State Access account or Friends of Penn State user ID and password, you will need to immediately change that password and any passwords you have that are similar. For assistance in changing your Penn State password, contact the ITS Help Desk at helpdesk@psu.edu.

ITS urges students, faculty and staff not to give their passwords to anyone, under any circumstances. Passwords are an essential part of each person's Penn State "digital identity" and always must be kept as secure as possible. In addition, the University (and other official organizations) will never require anyone to provide sensitive information such as passwords, credit card numbers, or Social Security information via email.

Please send concerns related to this matter to helpdesk@psu.edu.

Last Updated May 29, 2012