Malicious Email Gets More Sophisticated

Photo Submitted

The IT Services Security Team caught another tricky phishing scam directed at university users. The malicious email spoofs actual university communications about the recent retirement of XpressMail. See the attached image for an example of how sophisticated these scammers have gotten at replicating correspondence from the university.

When receiving unsolicited email with links and attachments appearing to be from a university department or office, verify its legitimacy by directly contacting the department or office. IT Services will NEVER request your password or other personal information over email. Always look for the secure "S" in "https" before logging into an unfamiliar web page. When in doubt, contact the Help Desk at 575-2905.

Spam and other abusive email should be reported to abuse@uark.edu with full header information. Learn more about reporting abuse at http://techarticles.uark.edu/email/report_abusive_email_with_expanded_headers.

Learn more about identifying phishing and spam email at http://techarticles.uark.edu/security/security_phishing_and_spam or about writing verifiable emails at http://techarticles.uark.edu/security/verifiable_email