Summary
The Office of Information Technology works to prevent phishing messages from reaching your inbox and sends phishing alerts to keep campus informed of threats. However, your best defense is to always think before you click.
Body
Phishing is a fraudulent email practice used by hackers and thieves to lure individuals into providing their personal information or download malicious software. Phishing is a type of social engineering attack.
Look for obvious signs of a phishing attempt
- Uses urgent language, eye-catching statements, or lucrative offers to get you to act quickly
- Asks for account usernames and passwords, credit card numbers, financial information, social security numbers, etc.
- Displays fake website addresses that direct you to malicious sites
- Messages coming from an unusual name or email address
- Includes an unexpected attachment
See Phishing Attempt Example
See Compromised Account Example
Prevent phishing attacks
- Verify the authenticity of the email. Do you not know who sent the message? Is it poorly written with grammar, punctuation, or spelling errors? Does it contain suspicious links or attachments? If you answered yes to all of these, then the email is probably fake, and you should delete the message right away.
- Think before you click. Hover over suspicious links before clicking them. Do they lead to a real and secure website? Or simply Google the website address to ensure it is legitimate.
- Do not open attachments. Unverified attachments can be dangerous. If opened, these files can infect your computer with viruses or malware.
- Avoid oversharing information. Never give out personal or financial information over the internet. Criminals often gather details from social media or information posted online to target phishing scams.
- Use antivirus software. Antivirus is automatically installed on university-barcoded computers managed by the Office of Information Technology (OIT). If you are unsure if your UNLV computer is centrally managed, check to see if it has an antivirus solution.
- Check your online accounts on a regular basis. Review monthly statements, checking for fraudulent transactions. If you suspect suspicious account activities, contact the vendor using the phone number listed on your credit card or the merchant’s authentic website.
If you are compromised
- If you believe you exposed sensitive university information by mistake, contact the IT Help Desk immediately.
- If you provided your personal information in response to a fraudulent email, contact the company that is being spoofed right away.
Report a phishing scam
OIT monitors and responds to reports of phishing attempts in order to keep your information safe. If you receive a suspicious email, and it is not listed on the phishing alerts page, please forward the message to the IT Help Desk.