ITS sponsors an annual security
awareness campaign
How and to whom do I report an incident?
Any suspicious or questionable electronic activity should be reported.
Below are a few examples of common incident types and how to report them.
Threatening or Harassing e-mail: messages received that are directly and personally threatening, abusive, obscene, or vulgar. To report electronic harassment or direct threats, forward the original e-mail message received with the full header showing to security@psu.edu. Also contact your local police department.
Denial of Service Attacks: massive amounts of e-mail or other network traffic sent to systems or individuals. This is usually done to crash the system(s), but may also be done to saturate the capacity of the network(s). Send an e-mail message to security@psu.edu describing the incident. Be sure to include any log files you may have that contain the date, time, source IP address, destination IP address, port numbers involved, and the time zone setting of your machine/logs.
Hacking/Cracking: the use of a piece of code that has been manipulated to do some action that it was not designed to do and/or exploiting programmable system details. Send an e-mail message to security@psu.edu describing the incident. Be sure to include any log files you may have that contain the date, time, source IP address, destination IP address, port numbers involved, and the time zone setting of your machine/logs.
Unauthorized Access Attempts: attempts to discover possible weak points in a computer system. Such weaknesses may subsequently be exploited to take control of an account or machine. Send an e-mail message to security@psu.edu describing the incident. Be sure to include any log files you may have that contain the date, time, source IP address, destination IP address, port numbers involved, and the time zone setting of your machine/logs.
Compromised Account: use of your Penn State Access Account or departmental systems account by an unauthorized individual(s). If you believe this has occurred, immediately change your Penn State Access Account password via www.work.psu.edu and your machine password. Send an e-mail message to security@psu.edu.
Copyright Violation: use of copyrighted materials (i.e., text, photographs, images, video, audio) without permission from the copyright holder. If reporting a copyright violation, send a detailed message to security@psu.edu. Include the title of the work being illegally copied, the name of the composer or writer, when and how the violation was found including date and time zone, and the location of the alleged illegal work (URL, IP address, printed newsletter, etc.).
Worm: a program that can make copies of itself, spread through connected systems, and exploit resources which can damage/compromise computers. To report a worm, forward the information with any applicable logs to security@psu.edu.
Virus/e-mail worm: a program that infects a computer by making copies of itself to the limit of available space or by attaching itself to another program and propagating itself when that program is executed. To report receipt of a virus/e-mail worm, forward the original e-mail message received with the full header showing to virus@psu.edu. If possible, include the name of the virus as indicated by your antivirus software. Do not include the infected attachment.
Hoaxes, Phishing, and Unsolicited commercial e-mail (spam): electronic equivalent of USPS junk mail. It is recommended that users filter and delete these e-mails.
If you revealed personal information in response to a phishing scam, contact your local police services
Alternative Media - Nondiscrimination Statement
This site maintained by Security Operations and Services,
a unit of Information Technology Services.
For assistance, contact
Security Operations and Services.
Provide site feedback to the
Security Webmaster.
Last revised: 01/12/2007