Recently, some New School employees have clicked on the contents of fraudulent phishing emails and provided personal information including NetID and password. This resulted in unauthorized access of their accounts. After these instances we wanted to provide some information about phishing and how to protect your personal information.
Phishing emails typically direct the reader to a webpage that requests personal information or they may ask the reader to send personal information by email. Please be aware that the New School — including IT Central, President and Provost, Human Resources, Student Services, and all other university departments — would never request personal information from you this way. These emails should be ignored and deleted.
Here is some basic information about phishing.
To avoid phishing scams, we recommend that you
- Always be suspicious of emails asking for personal information.
Email is not a secure form of communication. Organizations you do business with (including The New School) already have this information and would never request it from you by email.
- Never respond to an email request for personal information.
If you think the message might be legitimate, look up the organization’s phone number (don’t trust the phone number in the email), call them on the phone, and provide the information that way.
- Never click on the links in an email you suspect might be phishing.
If you’re unsure about a link to a site you receive in an email, hover over it with your mouse. If the link text in the email doesn’t match the link address, do not click on the link.
Please note that The New School’s Information Technology department, including IT Central, will NEVER:
- Send you an email stating that your mailbox (or file server) storage limit has been exceeded and asking you to click on a link to upgrade your account
- Send you an email asking you to click on a link to “confirm your information” for any purpose
- Send you a link to a “Web form” that collects information such as your NetID and password
- Ask you to provide personal information by email
If you think you’ve been the victim of a phishing email and have given out an account name and password or other personal information, you should visit account.newschool.edu to immediately change your password and contact IT Central at 212.229.5300 x4357 for assistance in making sure that your account has not been accessed or had settings changed.
For more information on how to protect your digital identity, read the IT security handbook.