If you receive an email that looks at all suspicious, contact the IT Help Desk. They can confirm whether or not the email is legitimate.
Email spoofing is when someone sends an email and makes it appear that it is being sent by someone else. On the other hand, email phishing is when someone attempts to have a person divulge private information through a fraudulent request. These are common tactics used by hackers and identity thieves.
Some common scenarios include, but are not limited to:
- An email received from a supervisor requesting financial information or usernames and passwords
- An email appearing to be from the IT department asking you to “verify your email credentials” or to enter account information into a web form
- Emails from the IRS, FBI, or other government or law enforcement agency asking for account credentials as part of an “investigation”
These emails often will look official and can include the UCA logo, UCA web addresses, names of actual UCA employees, and can even appear to be sent from an actual UCA email address. Remember that IT will never ask you for your username and password via email. Except in rare cases, you should never send any important financial or personal information (account numbers, usernames, passwords, etc.) through email.
If you suspect that you have received a spoofed email, phishing email, and/or question the authenticity of a request received via email please do the following:
- Do not reply to the email or click any of the email’s links.
- Never give any of your account credentials to anyone via email.
- Please report the suspected spoofed email or phishing email to IT by forwarding it to the IT Help Desk.
For more information on phishing, please refer to the Knowledgebase article What is phishing?.