Phishing attempts continue

Recently, the University has seen an increase in the number of "phishing" emails. Read these tips for how to spot and deal with a suspicious email.

Spear phishing email messages appear to be from an individual or business that you know. However, a close examination will reveal that they contain many of the tell-tale signs of other fraudulent phishing emails.

In general, phishing emails aim to:

  • Create a false sense of urgency
  • Request that you click an unfamiliar link to address the problem
  • Come from a seemingly legitimate sender, but, are not actually from a UNC Health Care (@unchealth or @unch) or School of Medicine (@med) email address
  • Contain grammar, spelling, or formatting errors

If you receive an email that requests a transfer of any money, please takes steps to confirm its legitimacy by independently contacting the person making the request, preferably by phone or face-to-face.

In general, if you receive an email that appears suspicious:

  • Do not click any links. This is an attempt to gain access to your user name, password and other personal information.
  • Avoid opening attachments from unknown senders.
  • Double check the sender’s email address. It may appear legitimate at first glance, but not actually be from a UNC Health Care or medical school domain.

How to report and view reported phish attempts

ITS has created a website for you to view confirmed phishing attempts to campus: https://its.unc.edu/phish-alerts/. We encourage you to bookmark this site for future reference. If you receive an email that is not currently listed on that site, we ask that you forward it to phish@unc.edu. Under no circumstances should you click on links provided in these phishing emails.

Additionally, a Help document is available to help you learn more about phishing: http://help.unc.edu/help/caught-a-phish/. We appreciate your assistance in helping to keep our University’s information and resources safe from scammers.

If you fear your data may have been compromised in a phishing attempt, call 962-HELP immediately to submit a critical ticket to OIS Security.

Filed under: , ,