Spear phishing email messages appear to be from an individual or business that you know. However, a close examination will reveal that they contain many of the tell-tale signs of other fraudulent phishing emails.
In general, phishing emails aim to:
- Create a false sense of urgency
- Request that you click an unfamiliar link to address the problem
- Come from a seemingly legitimate sender, but, are not actually from a UNC Health Care (@unchealth or @unch) or School of Medicine (@med) email address
- Contain grammar, spelling, or formatting errors
If you receive an email that requests a transfer of any money, please takes steps to confirm its legitimacy by independently contacting the person making the request, preferably by phone or face-to-face.
In general, if you receive an email that appears suspicious:
- Do not click any links. This is an attempt to gain access to your user name, password and other personal information.
- Avoid opening attachments from unknown senders.
- Double check the sender’s email address. It may appear legitimate at first glance, but not actually be from a UNC Health Care or medical school domain.
How to report and view reported phish attempts
ITS has created a website for you to view confirmed phishing attempts to campus: https://its.unc.edu/phish-alerts/. We encourage you to bookmark this site for future reference. If you receive an email that is not currently listed on that site, we ask that you forward it to firstname.lastname@example.org. Under no circumstances should you click on links provided in these phishing emails.
Additionally, a Help document is available to help you learn more about phishing: http://help.unc.edu/help/caught-a-phish/. We appreciate your assistance in helping to keep our University’s information and resources safe from scammers.
If you fear your data may have been compromised in a phishing attempt, call 962-HELP immediately to submit a critical ticket to OIS Security.