Phishing attacks on campus

Beverly Danquah, Staff Writer

The Office of Information Technology has received reports of phishing attacks appearing on campus.

On Tuesday Nov. 29, Joseph J. Tufano, Vice President and Chief Informations officer, sent out an email reminding St. John’s students that the University will never ask for “your e-mail name or password via e-mail correspondence.”

The email also reminded students to “never reply to requests for your confidential information.”

Phishing attacks are fraudulent emails or pop-ups that appear to come from legitimate organizations, but actually con people into giving away sensitive personal information such as passwords, financial information or social security numbers.

According to an Internal Communications email sent by Tufano on Nov. 10, one phishing attack baited SJU employees with “performance and compensation review information.” It appears the link was disguised to look like a legitimate address, but it was not.

St. John’s students are being asked to beware and pay attention to the signs. Attackers personalize emails to make them seem authentic, so make sure you:

  1. Check to make sure emails you receive have the SJU email address domain “”
  2. Check to make sure that if you click a link to get to a SJU reference page, it is a page within the SJU website
  3. Contact the IT help desk at (718) 990-5000 if you have any questions regarding phishing attacks

Phishing attacks aren’t limited to just the SJU website, so remember to double check trusted websites that require personal information.