User Security Tips

Fraudulent Emails

What is a fraudulent email?  A fraudulent (spoof) email pretends to be from a well known or trusted entity in an attempt to solicit personal information from you. People who send spoof emails may use any information that you have provided in order to commit fraud, or possibly identity theft.  

What can be done to combat fraudulent email?

  1. Identify that the email is fraudulent.  Fraudulent emails usually share the following characteristics:
    • Generic greeting:  The email does not specifically address you by name, but rather calls you “user,” “customer,” or “member.”
    • Generic closing: The email will typically identify itself as being from a generic department, for example, “Customer Service Department” or “The Banking Services Team.”
    • Sense of urgency:  You are encouraged to respond immediately, or within X number of days.
    • Fake links: Links within the text of the email do not link to the entity sending the request.  Alternatively, the link appears to represent the entity, but may re-direct to a third-party site.  Never follow any links sent to you in an email. Instead, actually go to the site of the business from your web browser.  
  2. Notify the entity that you have received a fraudulent email.  If possible, forward the email if you have not already deleted it.

Questions State of Maine entities will never ask you in an unsolicited email

To best ensure our constituents’ security, we follow strict rules. We will never ask for the following personal information in emails:

  • Credit and debit card numbers
  • Bank account numbers
  • Passwords
  • Driver's License numbers
  • Social Security Numbers

Other Tips for protecting yourself online:

Steps to take to prevent a spoof from affecting you:

  • Familiarize yourself with the Security and Privacy Policies at
  • Keep your security software current. Update your firewalls and security patches frequently. Consider using software from companies such as McAfee and Symantec.
  • Monitor your online accounts. Check your accounts periodically to see if there is any suspicious activity.
  • InforME subscribers are enabled with online account tools at  If you see suspicious activity, notify the Maine government entity responsible for the service.
  • Change your password often. And, if you think your security may have been breached, create a new password immediately.
  • Use a unique password. All passwords should be one-of-a-kind, and not used on any of your other accounts. A good password contains letters and numbers. This makes it more difficult for people to guess.
  • Take action. If your information is compromised, get a fraud alert placed on your credit report. You can contact the Federal Trade Commission for more information and to file a report.

Additional Information related to your personal security: