Catch the phish before you click!
A common way cyber criminals gain access to valuable information at Universities is through deceptive emails known as “phishing” messages.
Here are some examples of recent phishing campaigns and instructions on what to do if you spot a suspicious-looking email.
(Click on each example to zoom)
Spam is unsolicited email, typically sent to a widespread audience, that is usually from someone who is trying to get you to buy something.
A phishing email is a type of spam in which the sender tries to get you take a specific action, such as:
- Clicking on a link
- Entering your UW NetID credentials
- Downloading an attachment
The goal is to either load malicious software (aka malware) onto your computer or device, to steal your UW login credentials to access UW data and resources, or to use those credentials to send more spam.
If you receive an email in which someone is trying to get you to download an attachment or enter your UW NetID and password onto a fake web page, send the email as an attachment to firstname.lastname@example.org.
UW Medicine employees should cc email@example.com.
If you receive an email in which someone tries to sell you a product (such as cheap medication), forward the message to firstname.lastname@example.org.
Risk Advisory and Best Practices
Online training video
Message to the UW Community
Protecting Your Email – IT Connect (UW-IT website)
Phishing and Spam Email Guidance – UW Medicine IT Services