» Information Security

The Information Security Office maintains a world class cyber security framework for strategies, standards, and policies. These ensure that all identified information assets are available with appropriate integrity and confidentiality.

For information security questions, please email infosec@chapman.edu or call (714) 744-7972. To report an incident, please use the "Report Incidents" button on this page.

Please continue to report any suspicious or malicious message by forwarding it as an attachment (ctrl-alt-F  in Outlook)  to abuse@chapman.edu The attachment format preserves hidden delivery header information that is helpful for reporting or blocking.

The training and awareness program is open only to students for now. The Raffle winners will be announced by Dean Price in the weekly update email at the end of the training schedule.

Latest phish email status

Below are the latest phish emails that we are seeing impacting our Chapman community. Check below to verify if the email you see has been reported or detected as a phishing attempt


+ - Phish email dated 11/30 [subject line: wire transfer copy]

payment copy for amount transferred to your Bank account is attached

*Information Security Office Note: Do not open the attachment.

 Attachment behavior:  The attachment is a spoofed generic email page. When the "Submit" button is clicked, the form redirects to a malicious website.


*Information Security Office Note: The email is blank, it comes with a PDF attachment, which if the user opens will see a black background with a Google Drive Logo. The message reads: "Secure online pdf document;Click here to access via google drive"

If the user clicks on the link, will be taken to a malicious website that has a log in prompt.

+ - Phish email dated 11/10 [subject line:Help Desk]

This is your email Administrator.

Your email account details needs to be updated to avoid suspension.

Download the attachment and update your account info.







This email has been checked for viruses by Avast antivirus software.

hxxps://www.avast.com/antivirus <link removed>

+ - Phish email dated 11/07 [subject line: Your Record Updated -- IMPORTANT]

This email is to confirm that you have successfully updated your email address via Self Service portal.

This update occurred on 11/07/2016 at 9:13 a.m.

If you did not update this information online, please go to hxxp://www.chapman.edu/eid/help/stolen.html or call the Information Technology Services (ITS) Help Desk at 303-616-9400 for assistance.

Please note that if you have multiple email accounts with the university, you may receive this message at each email address. If you performed multiple updates, you may also receive separate email confirmations.

Thank you, Payroll Services

*Information Security Office Note: Please do not call the phone number. The link was directed to a page that does not exist on purpose so the users call the phone number and give away their information.

+ - Phish email dated 11/04 [subject line: To All Faculty\Staff and students]

To All Faculty\Staff and students


Take note of this important update that our new web mail has been improved with a new messaging system from Outlook Web Access which also include faster usage on email, shared calendar, web-documents and the new anti-spam version.


Please click here<link removed> and follow the instruction to complete your upgrade for our new Outlook Web Access improved web mail. click here<link removed>


IT Service Desk Support.

+ - Phish email dated 10/31 [subject line: Important Transfer]

Here is your transfer confirmation. Kindly acknowledge receipt.




Daniel Schack

<excel thumbnail images removed>

+ - Phish email dated 10/28 [subject line: Help Desk]

Dear Staff(s).

New security updates need to be performed on our servers due to the rate of phishing. Please CLICK HERE <link removed> and sign in to the IT Help server for maintenance and update of your mailbox.

If your mailbox is not updated soon, Your account will be inactive and cannot send or receive messages.

On behalf of the IT department, this IT Alert Notification was brought to you by the Help Desk Department. This is a group email account and it’s been monitored 24/7, therefore, please do not ignore this notification, because it’s very compulsory.


IT Department

©2016 Microsoft outlook. All rights reserved.



Santa Ana Unified School District E-MAIL CONFIDENTIALITY NOTICE: This e-mail communication and any attachments, including documents, files, or previous e-mail messages, constitute electronic communications within the scope of the Electronic Communications Privacy Act, 18 USCA 2510 et al. This e-mail communication may contain non-public, confidential or legally privileged information intended for the sole use of the designated recipient(s). The unauthorized and intentional interception, use, copy or disclosure of such information, or attempt to do so, is strictly prohibited and may be unlawful under applicable laws. If you have received this e-mail communication in error, please immediately notify the sender by return e-mail and delete the original e-mail from your system.

+ - Phish email dated 10/12 [subject line: Change of Password Required Immediately]

We suspect a security breach happened earlier this week. In order to prevent further damage, we need everyone to change their password immediately.

Please click here to do that:

Change Password <link removed>

Please do this right away. Thanks!


+ - Phish email dated 10/7 [subject line: Important Update]

To All


Please be prepared for all systems to be offline for maintenance today.We are currently Verifying your  account.

Please CLICK HERE<link removed> for Verification otherwise your account will be inactive.

The New Web mail provides better conversation view and experience.



Thank you.

Help Desk


+ - Phish email dated 9/26 [subject line: You have violated our Terms and Conditions!]

<Chapman University Logo removed>
Take a second to verify your account otherwise your account will be terminated
as you have violated our terms and conditions.
 For a safer and full featured Office365 email experience click here to verify.

Kindly note that failure to verify your account will lead to your account being terminated
To opt out or change where you receive security notifications, click here.
Thanks for using our service
 Office365 Account Team
Copyright © 2016 Chapman.

Notify IS&T immediately when you become aware of...

  • Theft or missing computer, laptop or mobile device
  • Breach of sensitive information (social security number, student records, etc.)
  • Any computer infections or spyware
  • Serious system outages