A growing number of Graceland employees and students have been scammed recently and I want to help keep it from happening to you.
If I told you I was a Nigerian Prince and all I needed was your bank account number and mother's maiden name, you wouldn't tell me. You know better. You'd know that I'm a thief pretending to be a prince in order to get your personal information and then your money.
But if you received an email from someone claiming to work for the IT department and asked for your password what would you do? Would you tell them?
Never give your password to anyone.
Worldwide, an alarming number of people fall for this simple tactic and Graceland is not immune. In fact, here at Graceland we pride ourselves in our wholesome community values including trust. But scammers prey on trust and they are only masquerading as members of our community.  Simply asking someone for their password is the oldest and simplest way to hack into computer systems. It's called social engineering, and it can happen over the phone, over email or text message and even face-to-face. Even savvy people can turn over sensitive information like their password just by being asked because they don't realize that the request comes from a criminal.
This is a large and increasing problem at Graceland. It has serious consequences both to your private information and to Graceland’s reputation and ability to communicate to students and prospects. When people fall for these scams and their accounts are used to send millions of emails a couple of important things happen. First of all we get on email "blacklists" and people we email from colleagues to donors to prospective students don't get our messages. Secondly, it creates a huge amount of work to find the problem, stop the spamming, close the account and get Graceland's reputation cleared.

And that's just the cost to Graceland. There is a personal cost as well. I can imagine how I'd feel if those breast enlargement emails everyone gets had my name and email address on them. Think about what you would lose when scammers empty your entire email box. Some spammers email their victim's entire contact list. Many people have had emails sent to all their friends and family saying that they had been in an accident or that their vacation had gone horribly wrong and requesting money right away. Some scammers use your good name to conduct criminal activity. These are not exaggerations. These are the actual reasons people want to trick you into giving them your account information.
Never give your password to anyone. IT doesn't need your password.
This banner appears when receiving outside emails. If you see this banner be aware that this is NOT from a Graceland address. Even if they have a Graceland email address this banner shows that it is NOT from a Graceland address.

CAUTION: This email message did not come from a Graceland mailbox. Do not click links or open attachments unless you recognize the sender and know the content is safe.

This kind of trickery is often called phishing ("fishing").
Here's a recent example: 
Here's a program that got added to my computer when I visited a webpage with an infected advertisement. I'm told I probably moved the mouse over the ad, but I did not download anything or run anything. This particularly tricky malware program masquerades as a Microsoft Virus Scanner. It is NOT. It is very professional looking, but it is a wolf in sheep's clothing. Both of the messages below show messages how convincing this fraud is.

It was quite difficult to remove from my system.  

Scam artists will often send email that appear to be from a company you do business with that really direct you to false websites designed to trick you into typing your actual username and password. Always be wary about clicking on links in emails, they may take you to websites that are not who they appear to be. It takes only minutes to make an exact copy of a webpage and this breach would easily allow the thief to personalize the page with your name and email just like the actual company might. For example in the image below only the web address indicates that this is a trick. Having a web page that pretends to belong to another company is called “spoofing.”