Question:

What do I do if I get a phishing scam?

Answer

When large quantities of the same scam messages appear on campus, we endeavor to work as quickly as possible to block those messages. You can best help Google and the OIT by forwarding the message to phishing@nd.edu or doing the following, which ensures the essential technical information is received by those that can take action:

1. While viewing the message, click on the 3 dots near the top right of the email message
   
   
2. From the menu that appears select Report Phishing
   
   
3. You can now delete the email message.

You will receive an email response from Notre Dame Information Security letting you know if the message was determined to be Safe, Spam or Malicious.  If you believe the message was incorrectly categorized or if you would like more information on how that decision was made, you can reply to the message or contact the Information Security team at the address provided in the response.

You can review what Google does with messages reported as phishing at https://support.google.com/mail/answer/8253?hl=en

Additional information: Emails with the subject line of "Notre Dame IT Helpdesk", "Unusual Activity Noticed", "To All Faculty\Staff", or "(ND.EDU)." and signatures such as IT Service Desk Support or IT Support can be a red flag for these types of emails; email notifications from our office will always be from Office of Information Technologies (oit@nd.edu), or ND Service Desk (nd@service-now.com).

If you responded to the scam and provided them with your password, you will need to immediately go to https://okta.nd.edu and change your password. This will prevent the scammer from using your account.  If you did not click a link or respond to the scam, you can simply delete the email message.

As always - be safe, and remember that the OIT will NEVER ask you for your password!

You can find additional information about identifying phishing messages here.  fwd