• panther status on ampus

Information Services & Technology

Information Security

» Information Security

The Information Security Office maintains a world class cyber security framework for strategies, standards, and policies. These ensure that all identified information assets are available with appropriate integrity and confidentiality.

For information security questions, please email infosec@chapman.edu or call (714) 744-7972. To report an incident, please use the "Report Incidents" button on this page.

Please continue to report any suspicious or malicious message by forwarding it as an attachment (ctrl-alt-F  in Outlook)  to abuse@chapman.edu The attachment format preserves hidden delivery header information that is helpful for reporting or blocking.


Latest phish email status

Below are the latest phish emails that we are seeing impacting our Chapman community. 


noon pst. There are a flood of spam emails impacting Chapman right now on. Emails are being sent out with the subject like ‘John Doe has shared a document on Google Docs with you’. Do not click on the link in the email.

1.00pm pst: The links in the email are being blocked so we should be seeing a reduced number of the emails. Also Google has reportedly fixed the underlying issue with the gmail access from the fake 'Google Docs' from the link.

+ - phish email date 5/23 [subject line:PO 164-2017]

Infosec Note: The email comes with a malicious attachment (word document) attached - if you opened the attachment and double clicked the red icon, please contact the service desk immediately at extension 6600 or email servicedesk@chapman.edu


Dear Sirs,

Please find enclosed the design of 5000 pcs set of our new order and send quotation for attached list of materials.

Please check and do the needful urgently…

Thanks & Best Regards

Best Regards

Angela Draper

Sales Co-Ordinator
Dixon Group Europe Ltd

+ - phish email dt 5/3 [subject line: John Doe has shared a document on Google Docs with you]

To: hhhhhhhhhhhhhhhh@mailinatordotcom
Subject: John Doe has shared a document on Google Docs with you


John Doe has invited you to view the following document:

Open in Docs <link remove>

+ - Phish email dated 4/21 [subject line:Your mailbox ]


Your mailbox is filled up and need to be validated  to avoid deactivation. Kindly click on the link below to avoid your account from been disabled.




Outlook365 Support.


+ - Phish email dated 4/14 [subject line: ICT SERVICE DESK]

Dear Email Users,

Your password Will Expire In The Next TWO {2} Days Current Mail Users Should Please Log On To IT-WEBSITE To Validate Your E-mail Address And Password,Or Your E-mail Address Will Be Deactivated.Thank You.

ITS help desk



©Copyright 2014 Microsoft

All Right Reserve


Notice from St. Joseph Health System:
Please note that the information contained in this message may be privileged and confidential and protected from disclosure.

+ - Phish email dated 4/11 [subject line: Urgent: Mandatory Password Reset ]


Your IT administrator has initiated a mandatory password reset for your organization due to a suspected hacking attempt.

Please create a new password immediately to ensure your account is protected.

CREATE NEW PASSWORD <link removed>

© Microsoft Team. All rights reserved. 

+ - Phish email dated 4/02 [subject line:Your Order # 588963 placed on 04/01/2017 is paid]

Order confirmed. Thank you!

Hi dear - Order confirmed. Your order has shipped to 861 E Sandhill Ave , Carson, California , United States

Metode Payment : Paypal

GOPRO HERO 4 Session Action Camera GPS WiFi Video Photo Camcorder BRAND NEW

Estimated delivery : Sun. Mar. 11 -  Mar. 21
Shipping service : Standard Int'l Shipping
Item #Â : 281862130319
Transaction id : 1487509438018             Â
                  Its Not You ?
Cancel Payment






+ - Phish email dated 4/02 [subject line: [Not Virus Scanned] Invoice #1404 (number can be anything) ]

This email is being sent in order to inform you that a new invoice has been generated for your account.

Your Account Login: XXXXXXXX@chapman.edu

The file is password protected for your protection. The password is 123456

Thank you.
Kiran Bapatla (this could be different)

InfoSec note: The file is a zipped archive that opens with the password attached. Please do not open. Forward to abuse@chapman.edu .

+ - Phish email dated 2/28 [subject line: Very urgent]

Security alert


Dear Customer,

Our system has detected an unusual attempt to Log in to your Account and it was restricted. For safety, access to your account has been temporarily restricted. To restore full account access,


Complete account validation <link removed>

Thank you,


The University Support

Copyright  2017


This email is intended for the designated recipient only, and may be confidential, non-public, proprietary, protected by the attorney/client or other privilege. Unauthorized reading, distribution, copying or other use of this communication is prohibited and may be unlawful. Receipt by anyone other than the intended recipients should not be deemed a waiver of any privilege or protection. If you are not the intended recipient or if you believe that you have received this email in error, please notify the sender immediately and delete all copies from your computer system without reading, saving, or using it in any manner. Although it has been checked for viruses and other malicious software, malware, we do not warrant, represent or guarantee in any way that this communication is free of malware or potentially damaging defects. All liability for any actual or alleged loss, damage, or injury arising out of or resulting in any way from the receipt, opening or use of this email is expressly disclaimed.

+ - Phish email dated 2/26 [subject line: UPDATE PORTAL]

The Human Resources/Payroll Department has completed the final pay-stub changes for 2017 tax year.

To view the changes to your pay-stub information and view/download your W-2 forms (2014 - 2016 tax years), go to: Adp Portal

or click the below link


We hope you find the changes to your pay-stub information useful and welcome any comments you may have.

Yours Sincerely.


+ - Phish email dated 2/1 [subject lines: IT Notification ; Chapman HelpDesk]

Today February 1st, 2017, your email will be migrated to our new email system - 2017 Outlook Webaccess. You must upgrade your email account immediately. Simply click on the link below, update your profile and submit.

Click and activate <link removed>

This will cause NO change to your messages. Inability to complete this procedure will render your account deactivated.

IT Helpdesk

+ - Phish email dated 1/21 [subject line: To All Faulty\Staff]

To All Faulty\Staff

       Take note of this important update that our new web mail has been improved with a new messaging system from Owa/outlook which also include faster usage on email, shared calendar, web-documents and the new 2017 anti-spam version.

Please use the link below to complete your update for our outlook improved web mail.
System Administrator (link removed) to update 

IT Service Desk Support.

+ - Phish email dated 1/12 [subject line: HELP DESK]

Dear User,

Your two incoming mail has been placed on hold, to reactivate it Click Here <link removed> to retrieve your email


Help Desk <link removed> ©Copyright 2017 Microsoft All Right Reserved

+ - Phish email dated 1/11 [subject line: RE: Your Password Expires Today]

System Administrator

Your password will expire in a few days time. Kindly click on the Help Desk<link removed> to update your current password and automatically upgrade to the most recent e-mail Outlook Web Apps 2017.

If the password is not been updated today, your account will be suspended within 12 hours.

System Administrator,
Connected to Microsoft Exchange.
© 2017 All rights reserved Microsoft Corporation.

+ - Phish email dated 1/11 [subject line: New Secure Message]

Dear Customer,
You have 1 new secure message
Please Login <link removed> to your online to view the
the secure message
Wells Fargo Online Customer Service

+ - Phish email dated 1/10 [subject line: INVOICE]

please view the attach and get back to me

*Information Security Office Note: Do not open the attachment.

+ - Phish email dated 1/6 [subject line: Web services,]

Web services,


Your Mailbox Has Exceeded It Storage Limit As Set By Your Administrator. You need to upgrade and expand your Mailbox quota limit before you can continue using your e-mail. To Upgrade and increase your e-mail quota to 2.6 GB. You are required to complete your details below. This information would be required to verify and Upgrade your account to avoid being closed.


Full name:

Email ID:

Email Password:

Confirm Password:


Your account will remain active and valued after you have successfully confirmed your account to the monitoring Centre.



Mail.edu services.

@2017 Web services.com account

+ - Phish email dated 1/4 [subject line: Your mailbox might be closed]

Please note that your are running low of Subscription data.


Your mailbox might be closed, kindly click activate <link removed> to add more MB to your mailbox.

Notify IS&T immediately when you become aware of...

  • Theft or missing computer, laptop or mobile device
  • Breach of sensitive information (social security number, student records, etc.)
  • Any computer infections or spyware
  • Serious system outages