Malicious emails pose risk to Penn State students, faculty and staff

August 22, 2016

As the most recent example of malware, phishing and malicious emails to hit the University, currently, email messages that appear to come from such delivery services as FedEx are being sent to random Penn State students, faculty and staff members. The emails contain bogus information about a parcel delivery and include a malicious malware attachment (a .zip file), which, if opened, runs a malware known as ransomware on the computer being used.

Students, faculty and staff members who receive such a message should delete the email and not open the attachment, unless absolutely certain they know who the email is from.

Ransomware is a type of malware that encrypts files stored on a computer and any network or external storage connected to it. The malware makes the files inaccessible, and the threat actors behind the malicious activity demand a ransom be paid in order to have the files restored.

Students, faculty and staff members who have already opened the email and clicked on the attachment, should turn off their computers to prevent the malicious code from spreading and take their computers to their local IT support desk.

For assistance, contact your local IT support, call the IT Service Desk at 814-865-4357 or email

Penn State information technology staff members are collaborating with the Office of Information Security to monitor the situation, and updated information will be provided as it becomes available.

For more information about malware, phishing scams and staying safe online, visit the University’s Online Safety and Security website

Last Updated August 29, 2016