E-mail Security Advice

Recently, a lot of e-mail messages have started circulating, which appear to be sent by a familiar name; a colleague, student, teacher, or the university administration.

They are actually spoofing the display name of an email, with a non-Bilkent full email address.

Here’s how it works: if a fraudster wanted to spoof John Doe, whose real e-mail address is doe@bilkent.edu.tr, the email sender may look something like:

From: John Doe

This fraudulent email, once delivered, appears legitimate because most user inboxes only display the display name (just full name).

Don’t trust the display names.

Check the email address in the header which is enclosed with characters.

The From header in a genuine e-mail from a Bilkent account would look like:

From: John Doe <jdoe@bilkent.edu.tr>

These phishing schemes are attempts to steal your personal information.


-Do not send a user ID or password in an email.
-Do not respond to emails threatening to close your account if you do not confirm some credentials.
-Do not click links in suspicious email messages

If you have responded to a phishing scheme by submitting information about your account, password; you should immediately change your password.