This article is for faculty, students, and staff seeking information regarding phishing emails, and will provide guidelines and instructions for how to identify and protect email from phishing attacks. 

Phishing Overview

Phishing is the attempt to obtain sensitive information such as usernames, passwords, social security numbers, and financial information, often for malicious reasons. By leveraging public information, such as email addresses from the University Phonebook, these messages can appear legitimate. Although the University’s spam mail filters and security processes reduce the threat to our community, they cannot eradicate all phishing. The best way to avoid being a victim of a phishing scam is to not fall for it. Below is information about how to detect and handle phishing messages.

The COVID-19 infection is an opportunity for unsavory characters to exploit our natural instincts to help.  Attention-getting subjects are much more likely to lure trusting individuals into exposing personal or other confidential information.  There are a number of COVID-19 related phishing scams that are purported to be from the Center for Disease Control (CDC) or other such authoritative sources.   These often contain specific information such as “maps of infections near you.”  These are similar to most phishing scams in that, on closer inspection, there is an unusual source and they invariably request that you do something proactive, such as open an attachment, follow a link, or provide specific information.  Treat all email messages with appropriate care and be cautious with any message that you did not directly or indirectly initiate. 

Advanced Threat Protection

UConn has enabled Advanced Threat Protection (ATP) on all University email services. ATP provides protection against malicious links and unsafe attachments.

  • Links: All URLs are rewritten through Office 365. If a link is safe, you will still go to the intended location. If a link is unsafe, you will see a warning message.
  • Attachments: All attachments are scanned for malware and access to attachments considered unsafe will be blocked.

In the past, before this service was implemented, ITS would advise users to hover over links and attachments and ensure that the link and address matched. With this service, all links are rewritten in Office 365 and will not match the URL displayed in the message.

ATP provides you with additional protection from unsafe links and attachments. However, continue to exercise caution and do not click on suspicious links. Remember that no detection method can provide complete protection.

Handling a Suspected Phishing Email

To protect yourself from phishing attempts:

  1. Identify the message as a phishing scam. Some red flags include:
    • Urgent requests. Phishing attacks attempt to induce panic in the receiver and cause the person to act before investigating the authenticity of the request.
    • Bad spelling or grammar. Phishing messages are notorious for containing misspelled words or poor grammar.
    • Mismatched email address information. Make sure the email address displayed in the From: field matches the address listed behind mailto:.
    • Generic signature line. A university message is typically signed by a university official, whose name you can verify, and has credible contact information.
    • Unexpected requests regarding personal information. Be extremely wary of following links or answering questions from contacts you did not initiate.

      New Security Feature in February 2020: Most phishing emails come from outside of the University.  To alert you when a message comes from an external system, Information Technology Services (ITS) will automatically add a yellow banner with the following message: *Message sent from a system outside of UConn.*

  2. Carefully inspect links and attachments before you click on them. Links can direct you to spoofed web pages or download harmful files on your system.

    1. If the message contains any of the red flags listed above, do not click the link or download the message.

    2. To check the legitimacy of a message and avoid clicking on the links in the message,

      1. Reach out directly to the company or organization website, or

      2. Call the company/organization.

        UConn has enabled Advanced Threat Protection (ATP) on all University email services. ATP provides protection against malicious links and unsafe attachments.

        • Safe Links: All URLs are rewritten through Office 365 and appear as https://na01.safelinks.protection.outlook.com/... . If a link is safe, you will still go to the intended location. If a link is unsafe, you will see a warning message.
        • Attachments: All attachments are scanned for malware and access to attachments considered unsafe will be blocked.
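
Because rewritten links no longer match the text shown in a message, the following added example (not UConn's or Microsoft's code) recovers the original destination from a Safe Links URL and repeats the old "does the link match what is displayed" check against it. It assumes the destination is carried percent-encoded in the `url` query parameter of the rewritten link; the sample URL and the `example.*` hosts are constructed.

```python
from urllib.parse import urlsplit, parse_qs

# Host suffix of rewritten links, taken from the form shown in this article.
SAFELINKS_SUFFIX = ".safelinks.protection.outlook.com"


def unwrap_safelink(href: str) -> str:
    """Return the original destination of a Safe Links URL, or href unchanged."""
    parts = urlsplit(href)
    host = (parts.hostname or "").lower()
    # The leading dot in the suffix rejects look-alikes that merely contain the name.
    if not host.endswith(SAFELINKS_SUFFIX):
        return href
    # Assumption: the original URL sits percent-encoded in the "url" parameter.
    target = parse_qs(parts.query).get("url", [])
    return target[0] if target else href


def _host(url: str) -> str:
    """Lower-cased host of a URL, ignoring a leading 'www.'."""
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def link_mismatch(display_text: str, href: str) -> bool:
    """True when the visible text names one host but the link goes to another."""
    shown = display_text.strip()
    # Text such as "Click here" is not a URL, so there is nothing to compare.
    if " " in shown or "." not in shown:
        return False
    if "://" not in shown:
        shown = "//" + shown  # let urlsplit treat a bare host as a network location
    return _host(shown) != _host(unwrap_safelink(href))


# Constructed sample: a rewritten link whose real destination is login.example.net.
SAMPLE = ("https://na01.safelinks.protection.outlook.com/"
          "?url=https%3A%2F%2Flogin.example.net%2Freset&data=CONSTRUCTED&reserved=0")

if __name__ == "__main__":
    print(unwrap_safelink(SAMPLE))
    print(link_mismatch("https://netid.example.edu/", SAMPLE))
```

A match between the displayed text and the unwrapped destination only shows that the two agree; it does not show that the destination is safe.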

The information above provides a general approach to identifying and handling a suspected phishing email. For more specific information about securing a compromised NetID, Google Apps, or Office 365 account, review the article, Handling Your Compromised Account.

If you have accidentally clicked on a link in a phishing email or given personal account login credentials or other information, you should immediately take the following steps:

  1. Change your password directly through the company or organization's official website. For extra certainty, type the address into your web browser directly. UConn community users (i.e., students, faculty, staff, etc.) can change their NetID password on the NetID website.
  2. Review account statements and activity. ITS also regularly monitors for suspicious activities associated with phishing attacks.
  3. Run a virus scan on your computer to detect and remove any potentially harmful software downloaded on your system after clicking on a link.

For more information or assistance in determining the validity of any request you receive in an email, contact the Technology Support Center at (860) 486-4357 or helpcenter@uconn.edu.

Reporting Phishing Messages

You can report any spam or phishing messages by forwarding the email to reportphishing@uconn.edu.

For more information about reporting suspected phishing emails, review the article, Reporting Spam and Phishing Messages.