Skip to main content
Information Security

Incident Response FAQ

Call the Technology Help Desk x5700 (408-554-5700) or visit the Technology Help Desk

on the first floor of the Learning Commons.
If it's a laptop or tablet computer, please bring it with you.

Probably not. Try changing the batteries in your wireless mouse and/or keyboard.
If the problem persists, call the Technology Help Desk x5700 (408-554-5700)

Call the Technology Help Desk at x5700 (408-554-5700). The Help Desk will notify the Information Security Office (ISO), who will call you back with some questions (see example questions below)

  • Was university data stored on the computer?
    • Student records (names, ID numbers, grades)?
    • University financial information?
    • Student health records?

If it was stolen, file a report with the police.

If it was a university owned computer, call the Technology Help Desk x5700 (408-554-5700). The Help Desk will notify the Information Security Office (ISO) who will call you back with some questions (see example questions below):

  • Was university data stored on the computer?
    • Student records (names, ID numbers, grades)?
    • University financial information?
    • Student health records?
  • Was your own personal data on the computer? (Tax, banking, health records)
    • Consider subscribing to a credit monitoring service.

Also, if it's a university owned computer, call the Risk Management Office to see if the computer is insured and can be replaced without incurring additional cost to your department.

If it's a personally owned computer and there was university data stored on it, call the Technology Help Desk x5700 (408-554-5700). The Help Desk will notify the Information Security Office (ISO).

Call Campus Safety x4441 (408-554-4441). They will ask you questions about the content of the messages and may contact the Santa Clara Police Department.

If you believe the email is part of criminal activity, DO NOT delete the email until you have contacted Campus Safety at x4441.
If it is a garden variety spam that has slipped through Google Apps' spam filters, you can report the undesired email:
  • Click the checkbox next to the message in your inbox
  • Then find the icon that looks like a stop sign with an exclamation point on it in Google's icon bar.
    • Click that icon and you're done!
    • You will also help Google's spam filters 'learn' about the spam it has missed.

Even if the email has our logo and all of the right colors, it may not be from SCU. Does it read strangely? Are there spelling or grammar mistakes?

DO NOT ENTER YOUR USERNAME OR PASSWORD. You have been phished.
  • Click the little down arrow just to the right of the email date stamp and below the little printer icon to the right of the email's subject line.
  • Click "Report Phishing"
    • You're helping Google's phishing filters to catch the phish that it has been missing
DANG IT! I ALREADY ENTERED MY USERNAME AND PASSWORD. It looked so real. Now what?
  • Change your SCU passwords immediately!
For more information about phish emails, look here. For more information about changing your SCU password, look here.
SCU will NEVER request your credentials or login ID via email. All email messages that request this or other personal information are fraudulent.

DO NOT turn your computer off. Stop all activities on the computer and contact the Technology Help Desk x5700 (408-554-5700). Tell the Help Desk analyst that you have an urgent issue, and that you suspect an information security incident has occurred. The Help Desk will contact the Information Security Office (ISO) who will contact you and begin investigating the incident.

Call the Technology Help Desk at x5700 (408-554-5700). Inform the Help Desk analyst of the urgent issue and the suspected information security incident. The Help Desk will contact the ISO, who will then reach out to you and begin investigating the incident.

  • Be ready to provide a brief explanation of the suspected abuse or misuse.
  • If possible, include the suspected SCU IP address or computer name, along with the date and time of the suspected abuse. The more specific the details, the better the chances of tracking down the suspect.