Information Security

 External Threat Alerts

Each day brings new threats to EPCC computer users as cybercriminals work to invade our network and gather sensitive personal and financial information. What is of value to them? Your name, Social Security Number and EPCC-ID, your date of birth, username and password. This same information for all students and employees is what those behind the spamming, the phishing attempt, the ad-ware, and the malicious software code are after. Stolen information is traded daily in hundreds of Internet Chat Rooms dedicated to the buying and selling of this commodity - personal information.

Click here  to view the email messages arriving in EPCC with malicious purpose.(PDF)


Remember these basic rules:

  1. Never divulge passwords and usernames to anyone, ever. There is no justification, reason or excuse to divulge your account information.
  2. Never provide personal information when threatened or when requested in an unsolicited email.
  3. Never provide bank or credit union log-in or account information to anyone via email. Financial institutions do not ask their customers for that information so any request will be just another phishing attempt.
  4. If you cannot determine the legitimacy of any email, email or call the Service Desk (, 831-6440) or the Information Security Program (Cheryl Bowman, 831-6574; Richard Becker, 831-6411; or Richard Buller, 831-6312).

Other clues you may see in a phishing attempt are: Misspelled words; any request for username and password; any request for items of personal information; and FROM addresses you do not recognize (check the sender's address and judge whether it makes sense to be receiving a message from that address). If you do not recognize the sender or are unfamiliar with subject matter of an email, you should delete it immediately.