Phishing is a type of attack carried out to steal usernames, passwords, credit card information, Social Security numbers, and/or other sensitive data. Phishing is most often seen in the form of malicious emails pretending to be from credible sources like people, departments, or organizations related to the university.

Attackers can use this information to:

  • Steal money from victims (modify direct deposit information, drain bank accounts)
  • Perform identity theft (run up charges on credit cards, open new accounts)
  • Send spam from compromised email accounts

Attackers can also use your public information and relationship with the spoofed "sender" to get you to:

  • Purchase gift cards
  • Connect to an insecure site (http://) 
  • Get you to click on a malicious link and install malware on your device

Protect Yourself by:

  • Reviewing our Phish Tank to see if this is a known malicious email on campus
  • Learn ways to identify phish with our "Fight the Phish" educational materials and
  • If you think you've received a phish, report it!