Phishing Alert: "Update Your Mailbox" Scam Attempts to Collect Username and Password

Sunday, June 18, 2017 - 20:31

Computing Services and Systems Development (CSSD) is responding to a new email phishing scam that claims you have exceeded your email quota and must update your account by clicking on a link. The link directs readers to a harmful Web site that attempts to collect your username and password. The email scam appears to originate from a compromised University email account. 

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at http://technology.pitt.edu/phishingscams.


Subject: System Administrator

Your mailbox has exceeded the set quota limit by the admin please click here to update your mailbox and avoid being suspended.

System Administrator.


The link in the phishing email directs readers to a malicious Web page (shown below) that mimics a Webmail login page. 

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.

gFTP for Faculty / Staff / Depts.

Securely transfer files between computers with this SFTP client for Linux.

Directory Services: Working with Groups

Working with Groups

CDS Groups

Enterprise Active Directory (AD) manages user access to resources primarily through groups. Access can be granted on a user-by-user basis but such assignments are rare, as group membership is the most effective way to keep track of who can access what at the University.

Directory Services: Using the Accounts Administration Service to Create and Manage Accounts

This document is intended for Responsibility Center Account Administrators and explains how to create and manage accounts using the Accounts Administration service.

There are three sections for account maintenance:

Email: Safe or Blocked Senders

You can add email addresses to your list of Safe Senders to make certain messages from that address are never quarantined by the spam filter. You can also add email addresses or domains to the blocked senders list to ensure that messages from that address never make it to your Inbox.


Cognos is a tool for enterprise reporting and ad hoc data querying. Using Cognos, authorized staff can view standard University financial and student reports. Data and administrative professionals can use Cognos Query Studio to create ad hoc queries or run existing queries.

Data from the University data marts are organized into packages within Cognos. These packages provide data for pre-built reports, as well as providing data sources for ad hoc queries via the Cognos Query Studio tool.

Technical Support Walk-in Locations

Technical Support Desk at the University Store on Fifth

Technical Support Desk

Access My Pitt Email with the IMAP Protocol

You can use the IMAP protocol to access your My Pitt Email by following the steps below. You may need to use the IMAP protocol if you access your email with the Thunderbird desktop email client or if you have a smartphone that does not support ActiveSync.