University Email Affected by Phishing Scams

Over the past weekend, 12 university email users responded to fraudulent phishing requests for their UARK usernames and passwords, increasing their vulnerability to identity theft and allowing their accounts to be used by spammers. Within a short time, four accounts sent out over 50,000 messages each.

Spam coming from uark.edu mailboxes compromises the integrity of the university email environment and often causes other email providers to delay or refuse delivery of legitimate messages. It only takes one person falling for a phishing scam to put the university at risk of being blacklisted (blocked) by outside email services like Yahoo, Hotmail, Cox, etc.

Scammers have become good at mimicking official university email. However, IT Services notices regarding password expiration always include a phone number to verify their legitimacy and will never request your password or other sensitive information.

IT Services has taken steps to prevent university email from being blacklisted by outside email services by reducing the maximum rate of email transmission each user can send to prevent spamming. Technical staff are also evaluating several software products designed to reduce and mitigate the effects of phishing attacks.

Report phishing and other malicious email to abuse@uark.edu by following the instructions at https://techarticles.uark.edu/email/report_abusive_email_and_expand_headers.

Learn how to recognize and appropriately deal with phishing scams at https://techarticles.uark.edu/security/phishing_scams.

------
Like IT Services at facebook.com/uarkITS or visit its.uark.edu/news for recent IT Services news.