Phishing messages are malicious emails designed to trick you into giving out personal information or running a malicious program. Cyber criminals employ a variety of tactics, so diligence is needed when processing email. Often a phishing message is an urgent call to action, inciting panic by claiming account issues, deadlines, or compromised security. Be wary of messages that seem too good to be true. You won the lottery! Or did you?

Cyber criminals also try to get you to click on malicious links under the guise of account verification or password expiration. Often these messages are marked “Urgent” and contain links to sites that are false, and designed to steal your information or hack your computer. They may even include official UI logos to make the message more realistic.

Request security assistance

Identifying Phish

Check links before clicking

Before clicking a link, hover your mouse over it to reveal its destination. On your mobile device, press and hold on the link to reveal its URL. Is the address different than what you expected? Is it garbled or incoherent? Does it claim to be from the university, but is something other than It might be a fake.

Email links protected by the UI's advanced email filters may to point to These links are not neccesarily safe; the domain allows ITS to better respond to and block malicious links after delivery. If you hover over a link and it shows "", check the entire link text - the original site is visible later in the text. For more information, see What is URL defense?

Verify the sender

Do you know the sender of the message? Messages from unknown senders may be phish and warrant extra scrutiny. It's important to note your contacts could have been compromised and their accounts used to send malicious emails, so messages from known senders should still be handled with discretion.

Don't open unexpected attachments

Does the message contain attachments? Be wary of attachments in email, especially Word documents and Excel spreadsheets as these can be infected with malware. If you are unsure about an attachment, report the email message to ITS for attachment analysis. See How do I report a phishing message? for more information.

Beware urgent requests

What action is the message asking you to take? Scammers often create a false sense of urgency to catch recipients off guard. If you receive an email informing you your email account is about to be closed, or a colleague sends a short email asking if you are available without further context, watch out! It may be a phishing attempt. If the email is from a colleague asking for urgent assistance, check the sender's email address - the message might not be from your colleague but a scammer impersonating their identity.

When in doubt, report the message to ITS for analysis.


Will ITS ever ask for my password?

No! ITS will never ask you for your password. Only use your UI password for UI sites.

I received a phishing message - how can I report it?

To report a phishing message, please use the Report Message button in the Outlook email client or web-based OWA. A step by step guide for the Report Message button can be found at How do I report a phishing message?.If you use an email client other than Outlook, please send the message as an attachment to

I am unsure a message is safe or a phish. What should I do?

If you are unsure whether a message is safe or not, please report it to ITS for analysis. Please see How do I report a phishing message? for reporting steps. ITS will analyze the message and let you know if it is malicious or safe to open.

How do I know a message from ITS is legitimate?

ITS will never ask you to put sensitive information into an email, as it is an insecure communication method. If in doubt, contact your TSP or Local Support (staff or faculty) or the Student Technology Center (students).

My account or password is compromised. What should I do?

If you suspect your account or credentials have been compromised, change your password immediately by logging in to You can also contact your TSP/Local Support (staff or faculty) or the Student Technology Center (student) to change your password over the phone or in person. Please notify and your TSP, Local Support, or STC as soon as possible for further remediation. ITS Security will investigate and determine if any unauthorized changes were made to your account.

Request security assistance



Article ID: 1521
Thu 1/9/20 4:46 PM
Wed 5/5/21 8:24 AM