Continued Email Phishing Activity
University Information Technology Services (UITS) is continuing to see a high amount of email phishing activity on campus. These attempts are specifically requesting users to make purchases, send funds, or change bank account information, which can have a detrimental effect, including financial loss or fraud. UITS continues to apply additional steps to remediate the situation.
Current situation:
- Malicious emails were detected starting in December and have continued.
- Specifically, University leadership is being targeted as well as any staff who may have access to financial accounts. This includes the president's office, the provost's office, the Financial Services Office, and other staff.
- Examples of campus phishing emails received can be found at Phishing Alerts: security.arizona.edu/phishing_alerts.
- If the recipient responds to the email, the hacker asks the recipient to purchase a gift card or provide a personal loan.
What you can do:
If you receive an email that does not contain any information indicating that it is spam or you are uncertain if the message is legitimate, take the following actions.
- Review the "from" email address for indications that it is not coming from the implied individual.
- Before responding to requests sent to your University email account for purchasing gift cards or sending funds, contact your immediate supervisor.
- Contact the Information Security Office at security@arizona.edu or 520-621-6700.
Please forward phishes you receive to phish@arizona.edu as described here: https://security.arizona.edu/content/phishing. If you have any additional questions, please contact the Information Security Office at security@arizona.edu.
Resources:
- What's Phish? security.arizona.edu/node/335
- Phishing Alerts: security.arizona.edu/phishing_alerts
- Report a Phish: security.arizona.edu/content/report-phish