coe-staff: Recent "phishing" at UO and staying safe

[Jeff Woodbury]

All,

COEIT and UO ITS have recently seen a number of "phishing" attempts to trick users into revealing UO Duck ID information.

In short, you should never provide your personal Duck ID password to anyone. No one on campus will ever ask for personal Duck ID account password.

Here is a quick overview of how to recognize phishing emails:


*         Check the name and email address of the sender.  Often the identity thief uses an email that has nothing to do with the company, unit or group that oversees account management


*         Look for overly generic content. You may see email subjects such as "ITS Service Desk" or "Your account has been disabled." Phishing  emails often come from a group, not a user that you can track down


*         Look for misspellings or lapses in good grammar. Identity theft attempts often overlook proper spelling and grammar


*         There is usually a threat of losing access.  Phishing emails often mention that your account is in danger of losing access or has lost access


*         Check any email links for their underlying web address.  You can put your mouse/pointer over the text of a link to reveal the web address of the link.

We have more information about "phishing" at our COEIT help site: http://coehelp.uoregon.edu/info/how-to-recognize-phishing/

It you have any questions about phishing, please contact COEIT at coe-support at ithelp.uoregon.edu<mailto:coe-support at ithelp.uoregon.edu> or at:  http://coehelp.uoregon.edu/


Jeffrey A. Woodbury, PhD
Director of Technology, College of Education
University of Oregon
jeffreyw at uoregon.edu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists-prod.uoregon.edu/mailman/private/coe-staff/attachments/20150120/8d57aa69/attachment.html>