What is Phishing?
Phishing is a fraudulent attempt, usually made through email, to steal your personal information. The best way to protect yourself from phishing is to learn how to recognize it. Phishing emails may appear to come from UVA (and may even have a return UVA email address), and ask for personal information such as your UVA account username, password, University ID number, birthdate, or Social Security Number. Some may even ask you for sensitive financial data like credit card numbers or bank account numbers.
Phishing emails may also tell you to click on a link that takes you to a site where your personal information is requested. UVA will never ask you for your password, whether by email, by phone, or by any other means.
What To Do If You Receive a Suspicious Email
If you receive an email that appears "phishy" and are unsure if it's legitimate:
- DO NOT respond! Do not click any links in the email, and do not "unsubscribe" or acknowledge the email in any way.
- UVA identifies popular phishing scams: check our Current Security Alerts & Warnings page to see if the suspicious email message is listed.
- If it is not listed on the above webpage, please forward the email to our email abuse team. Forwarding the message as an attachment will allow us to receive the original message in its entirety, including the email header information.
- DELETE the email!
- To subscribe to warnings regarding suspicious email messages and other cybersecurity concerns at the University of Virginia, subscribe to the security information via RSS.
Examples of Phishing and Scam Emails
Key Items to Look For in Suspicious Emails
Below are some examples of actual phishing and scam emails received by UVA community members, in which the most common or key markers of phishing emails are indicated. Please review these carefully so you don't become the next victim.
- UVA will never send a message like this. Even if you were to ask UVA to delete your account (highly unlikely), you would be communicating with UVA through verifiable channels and probably by voice communication with a verified UVA staff member, not in an email like this.
- Notice the tone of urgency, indicated by a 24-hour deadline, along with an implied threat, indicated by the words "your account will be lost". A tone of urgency and an implied or veiled threat to those who do not act will generate fear, a key tactic phishers use to deceive us, and to push us to act without thinking. UVA will never threaten you; in fact, no reputable institution will ever threaten you in any communication.
- Hover over any included links (i.e. hypertext, graphics, buttons) before clicking them. As seen above, the hyperlink text says it will "CANCEL REQUEST IMMEDIATELY", but when you hover over the link, you see that the actual URL takes you away from UVA servers. Clicking this link would make your information and data available to hackers — if there is no match between the apparent URL and the real URL, delete the message.
- UVA will never send you a message to which you cannot reply. We will never have an "address that cannot be answered."
- As phishing and scam emails become more prevalent, hackers can get more creative in their malicious attempts. As shown here, hackers sometimes become aware of legitimate UVA email campaigns and recreate legitimate UVA language. For this reason, it is very important to always read the entire message to ensure its validity.
*!* This is a reminder of the importance of hovering over URLs before clicking them — the URL that appears to take you to "netbadge.virginia.edu/myaccount/reactivation.html" does NOT take you to a UVA website. Despite this seemingly valid message, there is always a way to find the phish. *!*
- Again, hackers will often use legitimate content in an attempt to trick us into clicking the malicious content. Though this message appears to come from a legitimate virginia.edu email address, smart users would ignore this trick once they saw the discrepancies between the apparent URL and the real URL above.
In general, trust your gut. If anything about any email message doesn't seem right, check it out before you respond.
Wire transfer requests are just one example of popular scam emails. These involve an attempt to get the recipient to process a payment for non-existent goods or services by way of a wire or credit transfer. They often pose as urgent messages from those high up in an organization, such as a CEO or senior executive.
According to Symantec, "If you receive a wire transfer request that seems out of the ordinary, always check that the sender is who they say they are. Ask yourself: is it normal procedure for your CEO to decide that you're the best (or only) person to help in that situation?"