These e-mails often link to pages that look official, but do not have the correct web address. UGA, and other credible institutions, will never ask for your password in an e-mail.. Never trust an e-mail that asks for your user name or password. You should never send passwordsE-mail is about as private as sending a postcard through the normal mail. Anyone along the way can read what you write if they have certain tools. Never send confidential information, such as bank account numbers or passwords through e-mail. Search Google for how to encrypt e-mail; there is a method called PGP which is easy to set up if you know how. , or other private information in an e-mail to anyone.
A worm named Conficker (W32.Downadup.C) is set to activate on April 1st, which promises to cause headaches in trying to remove the worm, as well as security risks and network congestion. The best way to prevent a Conficker infection is to ensure any Windows computer is up to date on Critical Windows Update security patches, specifically MS08-067.
Conficker is a worm that exploits a vulnerability in Microsoft Windows in order to download and execute malicious code. It will also infect any other vulnerable computers on the network. Variant C is especially dangerous as it will disable many security functions built into Windows, as well as most anti-virus programs, including F-Secure. Many third party security tools, and security websites will also be blocked by variant C.
To test whether your computer is already infected with Conficker, try to access F-Secure's website. If access to the page is blocked your computer may be infected. Contact the EITS Help Desk at 706-542-3106 for assistance.
For more information regarding Conficker, please use the following links:
- SC Magazine: No joke -- Conficker worm set to explode on April Fool's Day
- Wikipedia: Conficker
- EITS Press Release
Fraudulent Email (Phishing Scam) Warning. [2009-03-01]
This is to notify the University community that emails received on campus requesting that you send your password via return email are fraudulent. Do not respond to these emails.
Please be aware that you will never be asked to send your password in an email from official UGA communications. Indeed, you should never send your password through email to anyone under any circumstances.
Phishing attacks are a common threat when using your e-mail account. Never trust an e-mail requesting your login or password. These scams will often provide links to pages that look like a credible institution. However, once you submit your information, your account can be compromised and used for illegal purposes. This is especially dangerous with financial accounts, but you should also be careful with your MyID, and all other personal information.
If you are concerned your bank or UGA needs to speak with you, call customer support or the help desk and ask. You can also look on the front page (or login page) for the organization in question. If there is a large scale problem, information will be readily available on one of these front pages. But never even click on a link in a potential phishing e-mail, as it might contain a virus.
One final tip to know you are dealing with a phishing scam is to mouse-over the link and look at the status bar or pop-up describing where the link leads. If the first part of the link looks very unfamiliar, followed by the legitimate link at the end, it is definitely a phishing scam. An example would be http://1jklh.s0mwhere.ru/asfi/ugamail.uga.edu/
For more information, please visit our phishing information page.

