Yes it is endless, but as a general rule for all: UVM does not send 
notices ASKING you for a password or to go to this and that link (embedded 
in the text body as a clickable link) that is not clearly a uvm link.

For example, the recent round of notices sent to those who needed to 
change their password looked like this (and this was a rare instance):

"Your UVM NetID password will expire tomorrow, after which you will be 
lockedout of UVM services. This is your final notification.

UVM is now enforcing stronger password standards. Since you have not 
changed your UVM NetID password in the past year, you will be required to 
do so.

This email is not asking for your password. UVM will never ask for your 
password via email. This message is to inform you of the need to change 
your password through the UVM website.

To update your password, visit the UVM Network ID & Account Management 
page by typing or copying and pasting this web address into your web 

and choosing "Change your password." If you have not changed your password 
by 12:00AM October 21, you will be locked out of UVM services until you do 
change it."

Note that UVM (David Todd, in this case, who was clearly identified as the 
sender) does not ask for nor does it want your password.  Also note that 
rolling over the links (not clicking them) reveals the exact same URL that 
is seen in the email.

While all the steps that folks seem to be taking ar e valid and good ones, 
the basic rule of thumb still applies: we do not ask nor do we want your 
password.  It is simpler and safer to simply delete the message.

	David Houston
	University of Vermont
	Phone: (802) 656 2013
        "You are nestled in our hearts forever"

On Thu, 12 Nov 2009, Tyler Whitney intoned:

TW:Just FYI for the list. I reported the website to the registrar, which usually
TW:takes actions accordingly because many times it is a violation of their use
TW:agreement. I'm not sure how it works being in Russia, but the registrar had a
TW:website that I was able to contact them through. The last email folks in my
TW:department had received awhile back was a UK URL, I reported it to the
TW:registrar and they shut them down. Though UVM has the nice ability to change
TW:DNS as stated (which is very helpful) I not only worry about the folks
TW:working from home/checking email from home without that protection, but also
TW:other folks not UVM affiliated that could possible get sucked into the
TW:trickery of these people.
TW:Its an endless battle.
TW:Deb Smith wrote:
TW:> That is very helpful Wesley and thanks to everyone else who have responded.
TW:> ds
TW:> On 11/12/2009 8:16 AM, Wesley Alan Wright wrote:
TW:> > Like everybody else has said, heck no.
TW:> > 
TW:> > But How can one tell? Some simple forensics.
TW:> > 
TW:> > Note the purported From: address
TW:> > 
TW:> > [log in to unmask]
TW:> > 
TW:> > Look up NetID  servicemail in UVM Directory -- no hits
TW:> > 
TW:> > Now look at the address associated with the "Verify My Webmail Account"
TW:> > link. In m email program, I can do hat simply by mousing over the link,
TW:> > and the address pops up
TW:> > 
TW:> >
TW:> > 
TW:> > .ru is russia
TW:> > 
TW:> > 
TW:> > 
TW:> > On Nov 12, 2009, at 8:09 AM, Deb Smith wrote:
TW:> > 
TW:> > > Is this a legitimate request?  I have never seen a message like that
TW:> > > asking me to verify my UVM WebMail.  I am not going to do this unless
TW:> > > someone from ETS says it is okay.
TW:> > > By the way I have not had any problems with webmail.
TW:> > > Deb
TW:> > > 
TW:> > > -------- Original Message --------
TW:> > > Subject:    You Have 1 New Message.
TW:> > > Date:    Wed, 11 Nov 2009 23:11:30 +0000
TW:> > > From:    UVM WebMail <[log in to unmask]>
TW:> > > Reply-To:    Technology Discussion at UVM <[log in to unmask]>
TW:> > > To:    [log in to unmask]
TW:> > > 
TW:> > > Welcome to UVM WebMail
TW:> > > 
TW:> > > Due to recent problem encountered with access to your UVM WebMail
TW:> > > account you
TW:> > > are required to verify your Webmail information by clicking on the
TW:> > > verify my Webmail account link below.
TW:> > > 
TW:> > > 
TW:> > > Verify My Webmail Account
TW:> > > 
TW:> > > 
TW:> > > Regards
TW:> > > 
TW:> > > Thank you for using UVM WebMail
TW:> > > 
TW:> > 
TW:> > -----------------------------------------------------------------------
TW:> > | Wesley Alan Wright <mailto:[log in to unmask]>                   |
TW:> > | Academic Computing Services       __0__                             |
TW:> > | Room 407 Lafayette Building      / \ | \                            |
TW:> > | University of Vermont              \77                              |
TW:> > | Burlington, Vermont 05405-0160 USA. \\  |
TW:> > | Voice:802-656-1254 FAX:802-???-????  vv                             |
TW:> > | aim:goim?screenname=maddogskideath    |
TW:Tyler Whitney
TW:IT Support Specialist
TW:Department of Residential Life
TW:The University of Vermont
TW:Robinson Hall, 406 South Prospect Street
TW:Burlington, VT 05405-0364
TW:Phone: (802)656-7937; Fax: (802)656-1142; Cell: (518)335-3196
TW:E-mail: [log in to unmask]
TW:Staff IT Line; (805)656-7934  Submit a Footprint;
TW:Subit a Website Issue/Problem;