Kansas State University

Identifying and Responding to a Scam

How do I identify an email scam?

With all the spam, scams, and strange email arriving these days, it's hard to tell what's real and what isn't. Here's a handful of basic, common-sense ways to check your email. Some of these points may not be indicators by themselves (we all have bad spelling and grammar sometimes), but when you start adding them up they can be a great indicator of a scam.

Be skeptical about every email you receive.
Don't make exceptions, not even for email apparently from friends or family. Any email address can be hacked, copied, forged, or mass-distributed.

Watch for misspellings, poor grammar, or unusual forms of words.
There are a variety of ways this may be apparent. Misspellings and poor grammar are generally tell-tale signs that the email is a scam written by someone for whom English is not their first language. Some things that might stand out are the use of Ksu instead of KSU or K-State, sentences that don't make sense at all, or words that are used out of context.

Pay close attention to the sender of the email and who you're replying to.

  • Did the email come from a K-State address? If the email didn't originate from someone or then there's a good chance that it's a scam.
  • Where do the replies to the email go? Look for the words "Reply-to:" in the header. If that address is different from the "From:" address, then the email is likely to be a scam.

Be highly suspicious of email that tells you to send copies to others.
By definition, these messages are also chain letters and are banned by K-State's Information Technology Usage Policy.

Check full email headers on questionable email.
The Received line shows the route the email took to get to you. (For details on how to do this, contact the IT Help Desk, 532-7722,
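
The sender, "Reply-to:" and Received checks described above can be run over the raw text of a saved message. The following is an added example, not part of the original K-State page; the trusted domain `example.edu`, the sample message and the function names are constructed placeholders.

```python
from email import message_from_string
from email.utils import parseaddr

# Placeholder domain: substitute the institution's real mail domains.
TRUSTED_DOMAINS = {"example.edu"}

# Constructed sample message for illustration, not a real email.
SAMPLE = (
    "Received: from mx.example.edu (mx.example.edu [192.0.2.10])\n"
    "\tby inbox.example.edu; Mon, 1 Jan 2024 10:00:05 -0600\n"
    "Received: from host7.example.net (host7.example.net [198.51.100.7])\n"
    "\tby mx.example.edu; Mon, 1 Jan 2024 10:00:01 -0600\n"
    'From: "IT Helpdesk" <helpdesk@example.edu>\n'
    "Reply-To: helpdesk.verify@example.org\n"
    "Subject: Your mailbox is over quota\n"
    "\n"
    "Reply with your password to keep your account.\n"
)

def address_of(header_value):
    """Return the lower-cased address from a header value, or '' if absent."""
    return parseaddr(header_value or "")[1].lower()

def check_headers(raw, trusted=TRUSTED_DOMAINS):
    """Return (findings, route) for the raw text of one message."""
    msg = message_from_string(raw)
    sender = address_of(msg.get("From"))
    reply_to = address_of(msg.get("Reply-To"))
    findings = []
    if sender.rpartition("@")[2] not in trusted:
        findings.append(f"From address {sender!r} is outside the trusted domains")
    if reply_to and reply_to != sender:
        findings.append(f"Reply-To {reply_to!r} differs from From {sender!r}")
    # Each server prepends its Received line, so reverse to read origin first.
    hops = msg.get_all("Received") or []
    route = [" ".join(h.split()) for h in reversed(hops)]
    return findings, route

if __name__ == "__main__":
    findings, route = check_headers(SAMPLE)
    for finding in findings:
        print("WARNING:", finding)
    for number, hop in enumerate(route, 1):
        print(f"hop {number}: {hop}")
```

An empty findings list does not show that a message is legitimate, because the "From:" address itself can be forged; treat the output as one indicator to add to the others on this page.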

Check a reliable, reputable website that documents viruses, hoaxes, scams, and/or fraud.
Good sites include:

Do a quick search on or other major search engine.
Search for the subject of the email or the file being warned about, such as "jdbgmgr.exe". You'll be surprised how much information you find.

What do I do if I already responded to a scam?

K-State is constantly targeted by spear phishing attacks that try to trick people into divulging their eID password. If you replied to any of these scam emails and provided your password, take the following steps immediately:

  1. Change your eID password.
    Log in to your eID profile and change your password right away. Most of the time, scammers won't use your address immediately, so sometimes just changing your password quickly can prevent the attack.

  2. Check your Webmail configuration for changes.
    Be sure to pay close attention to things like the "Reply-to:" address and your signature block. Scammers will change the information in these so that when they use your address to send scam emails, the replies go to an address that they have better access to.

  3. Contact the Office of Information Security and Compliance.
    Email us as soon as you think there's been a breach so we can determine if your eID was misused in any way. If you think you have been compromised, send an email to: If you have identified a scam email that you have not replied to, send it to

The criminals are getting better at making their scams appear legitimate. Some of them even reference "K-State eIDs" and appear to be sent from the "KSU Helpdesk," but we assure you that they are not. So, don't feel embarrassed if you have fallen for one of these scams. Please report it to us as soon as possible, so we can ensure that all of the necessary steps are being taken to safeguard you and your fellow computer users.