Thursday, February 6, 2014

Spam Email Report 2/6/14

Today's spam email report comes courtesy of our technician, Ingrid.

It has recently been brought to the attention of the Help Desk that a series of spam emails has been circulating through the PLU Gmail system. These emails are originating in accounts that have been compromised, and are telling recipients that their inbox storage has exceeded its capacity and they should follow the link provided to update their account. Emails of this nature should be ignored and deleted, and personal information should never be provided to the sender. A photo of the email is provided at the bottom of the page, as well as an explanation for how it was determined to be spam.
We encourage you to always err on the side of caution if you believe you have received a spam or phishing email. If you ever feel that you need assistance determining whether an email is legitimate or not, don't hesitate to contact the Help Desk at 253-535-7525, or email us at

If you have given out any password or log in information, or if your account has been sending similar emails without your knowledge, please follow our standard procedures for possibly compromised accounts:
  • Update your epass password at
  • Update your password on any sites where you used that password (i.e., if your epass was the same as your bank password, update your bank password as well)
  • Log into your Gmail and sign out of all other sessions; to do this, scroll down to the bottom of the page and look for the section which says "Last Account Activity"; click on the "Details" link; a window will appear which will let you force sign out all other sessions.
In the image provided, text highlighted in orange can be deemed suspicious because it suggests that the email originated from a non-PLU source. PLU emails are not managed through Webmail, and user inboxes do not have a maximum capacity, nor are they ever deleted from the system due to inbox overfilling. Areas highlighted in blue indicate grammatical and formatting oddities that should not be found in a legitimate communication from a PLU source. These errors are another red flag indicating that the email is originating in a compromised account.
Once again, we advise you to use your best judgment when deciding whether an email looks suspicious or not, and notify the Help Desk promptly if you believe you have encountered a security risk.

The questionable email.  Click to enlarge