It’s a new semester which means a lot of new people are coming to the University. These new people are unfamiliar with University systems and procedures which means it is a prime time to try to trick them into revealing their account credentials. We can expect an influx of phish attempts as the semester gets underway as a result.

Phishing is any attempt to acquire sensitive information such as usernames, passwords, credit card details, and banking information (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy source in electronic communication.  Mostly phishing occurs in email but text messages (sms/mms), instant messages (Skype & Lync), and social networking (Facebook, Twitter, and Instagram) have all been known to propagate phish attempts.  Feel free to review the “Phishing Email” information available on UF’s Information Security & Compliance (ISC) webpage at https://security.ufl.edu/learn-information-security/protect-yourself/email/id-theft-scams/phishing-email/. The information here can help you determine if something is legitimate or not.

Additionally, ISC posts alerts to the IT Alerts page at https://alerts.it.ufl.edu/ whenever new phishing attempts are seen at the University.  At the time this article was posted there were two alerts regarding phishing: “Dear UFL Student“ and “University email update“. If you receive something that you think just doesn’t look right, you should check IT Alerts first since chances are someone has already seen it and reported it to ISC.  Additionally, you can always forward it to us for review or report suspicious emails directly to UFIT by forwarding the message to abuse@ufl.edu.

If you have questions or comments regarding this feel free to call (392-9217) or email (mis@eng.ufl.edu).