Practicalities for the USI community


Phishing is an online fraud designed to steal passwords and credit card numbers and personal account information.

Phishing messages are usually an invitation to confirm an e-mail address, or fake invoices, payment requests of orders that were never placed. They usually show a link that looks legitimate and well known and they ask to enter personal data.

The administrator of a computer service will never need your password to solve a problem. Any message that asks for a password is a trap.


How can I recognise phishing

  • It is written in English.
  • It is written in Italian with grammar and syntax errors.
  • It asks for your credentials or it directs you to a site that asks for your credentials.
  • The answer must be sent to an address outside of
  • It contains a generic message and requests personal information for non-specified reasons (deadline, loss of something, technical problems).
  • It is intimidating. It threatens to shut down the account if an answer is not provided.
  • It does not show a deadline for the information requested.
  • It is sent from a strange or unknown address.
  • It makes you believe that you are clicking on a link but you are directed to another site.
  • The message contains the banner You don't often get email from [email address].
    This new feature helps students, faculty, and staff detect phishing attacks by displaying a first contact banner message that alerts recipients that the sender does not often send e-mail to you or others included in the e-mail. 


A phishing example

From: USI Webmail [mailto:[email protected]]
Sent: lunedì, 22. dicembre 2014 12:35
To: Me
Subject: e-mail security alert

You don't often get email from [email protected]. Learn why this is important

There was something unusual about a recent sign-in for your mail account. Please review your recent activity and we will help you take corrective measures.

Review recent activities

Università della Svizzera italian


What shall I do if I receive phishing?

  1. Do not answer!
  2. Never follow the links!
  3. Report the message using the Report Message button in the Outlook ribbon or via webmail.


What if I have already replied to the message or followed the link?

If you did it from your USI account, change the password right away through webmail ( enter your mailbox, click on Options (upper right) and choose Change password..

  • Notify the IT Services at [email protected]
  • If it happened from another mail account, contact the administrator of the service directly and notify about the problem.


Why are hackers interested in USI accounts?

In most cases, the hackers have used hacked mail boxes to send new phishing from our mail server. Illegal activities are therefore carried out in the name of the user, who could also lose all the messages in the box, receive SPAM and be blocked by other users.

In the meantime, the USI mail system could gain a bad reputation, be blocked by other Institutes as SPAM, and legitimate messages will not be delivered.

It might take weeks to get out of the situation and in some cases, a payment of a fee is required,

To mitigate the problem we keep people informed and we block the hacked accounts. All accounts that send a great number of messages through the server will be automatically suspended. Please contact in advance [email protected] if you need to send a high number of messages through the server  






Updated on: 21 June 2024