Skip to the content

Kansas State University

Email Threats

Email security risks include attachments, scams, viruses and worms, spyware and adware, and hidden or devious links to bad websites.

Protect yourself

Every day more and more scam emails are sent out asking K-Staters for their eID and Webmail passwords. These emails are often very convincing, or frightening to those who receive them, so replies are sent and accounts are compromised. It is important that we all work to reduce these compromises by ensuring that our information is never sent to anyone in an email.

No one will ever ask for your eID or email password in an email for a legitimate reason.

This includes the IT support staff, the Office of Information Security and Compliance, and any legitimate business.

If you receive an email asking for this information it is a scam, so don't respond.

You can learn more about scams and how they work:

To find a list of the most recent phishing scams hitting K-Staters by going to the IT Security blog.

What you can do

Use common sense when you're sending and receiving email.
Learn how to identify a scam. This will help you find out for yourself if an email is a hoax, a virus, or for real. Always use caution when revealing personal information, such as your phone number or physical address to anyone you communicate with through email, even if they appear to be someone of authority. Never give out your social security number or a credit card number in an email. Emails are not a secure form of communication and anything that is sent could be intercepted by a nefarious individual.

Do not reply to spam email messages, or other harassing or offensive mail.
By responding, you only confirm that you are an actual person with an active email address. This can lead to more unwanted email solicitations. Be suspicious of any unsolicited email. When in doubt, delete it.

Never open attachments or click on links from unknown sources.
And be cautious about links and attachments from people you do know. They may contain Trojan horses, worms, or viruses, which can seriously damage your personal or work computer. Be sure that you have anti-virus software installed and that it is scanning all attachments before you open them.

Never share your password.
System administrators and IT staff will never ask for your password. Do not be fooled by suspicious emails asking you for your password. This is a ploy designed to fool you into sharing your password. As a simple rule, never share it with anyone.

Change your log-in password often.
The simple act of changing your password will increase the likelihood that your email remains secure. This is why the K-State eID system prompts you to change your password twice per year. It's a good idea to use alpha-numeric passwords which are harder to break, so be sure to use both numbers and letters when creating your password.

Always log out/sign off of public computers.
Always remembering to log off or lock any computer you leave unattended will help ensure the security of the data on it. This is extremely important for publicly accessible computers, and mobile devices.

Additional Information

On the pages below, you will find more information about email scams that affect K-Staters. This includes information about phishing scams, and other email scams, as well as what you can do to identify what is a scam, and what isn't.