ISO warns of budget season phishing attempts
Screen capture of the Phishing Lessons video, showing the definition of phishing: Tricking a user into sharing personal information or login credentials by posing as an official source.
Many University of Utah faculty and staff members will soon receive official University communications regarding topics such as salary changes, benefits open enrollment, and other seasonal university business. The University's Information Security Office urges employees to remain cautious and alert to possible phishing scams that are designed to coincide with University processes and timelines.
Phishing attempts often take the form of spoofed emails, directing recipients to enter login credentials at a fake website that looks almost identical to the legitimate one. Employees are encouraged to scrutinize official-looking emails and watch for the following common signs of an email phishing attempt:
- Unusual language, poor spelling or grammar.
- Message is designed to provoke an emotional response.
- URL doesn’t match the webpage it links to.
- When you hover over a link with your mouse, it doesn’t match the promised content.
To better protect yourself and your login credentials:
- If you’re uncertain about an email’s legitimacy, send a blank email to phish@utah.edu with the suspicious email attached. Information security staff will analyze the email for you.
- Guard your uNID and password like you do your Social Security number.
- Change your passwords often.
- Lock your device screens when not in use.
For more information about phishing, please review University Information Technology’s help article on the topic. If you have questions or concerns, contact the UIT Help Desk at 801-581-4000.