What is Phishing?
- Phishing is a cybercrime in which a target (you) is contacted by email from someone posing as a legitimate institution to lure individuals into providing sensitive data such as passwords.
- The information is then used to access important accounts and can result in identity theft and financial loss.
If you ever feel that an email is trying to ask for your personal information, remember this: When in doubt, throw it out!
How to Spot Phishing
- Most Phishing email scams will have spelling and grammatical errors; they will also have links to websites that imitate UCCS websites.
- Phishing emails will often come from a UCCS account that has been compromised from a previous phishing attack.
- If the message has links in it, hover over the link with your mouse to see where the link will actually take you.
- The UCCS Office of Information Technology will NEVER ask for your personal information through email.
- Need to report a Phishing email? Follow this link! How To Report Phishing
The above phishing email is poorly worded and has grammatical errors. The "click here" takes you to a fake website imitating a UCCS website.
- Use the "hover" method to identify the real URL you would be traveling to.
- Do not click on the link if you were not expecting the email.
- If you do click on the link, look at the URL. Did the link take you to where you expected? If not, leave the page immediately and change your password.
For more examples of phishing emails, and to view recent phishing messages sent to campus, see the OIT Help Desk Blog
How to Report a Phishing Scam
Please visit the following link to learn how to report Phishing emails through OWA, or the Outlook desktop application. How to Report Phishing