Don't Get Spooked by Phishing Attempts

Phishing is any attempt, usually over email, to get passwords, credit card numbers or other personal information. Here are some simple steps to help determine whether an email is legitimate or if it's a phishing scam.

Verify contact information. Legitimate email should include your name and offer an alternative contact method other than replying to the email or clicking a link. When in doubt, contact the department or person who supposedly sent the email to find out if it is legitimate.

Beware of embedded links. Phishing emails often include links to malicious websites disguised as legitimate links. If an email contains a link to Outlook, for example, the phishers could have changed the destination of that link to an unsecured web form designed to steal your information and gain access to your account. 

Don't fall for the hype! Phishing scams often try to trick you into responding by creating a sense of urgency. The email might claim that you will lose access to your email or bank account, for example. The University of Arkansas and other legitimate institutions will never request your information over email or an unsecured website.

When updating your UARK password or logging into any service, always make sure you are at a site with "https://" in the address. The "s" shows that it is a legitimately secured site. 

Report suspicious email. Report phishing scams to the IT Help Desk. Learn more about how to recognize and report phishing scams.

Be informed. October is National Cybersecurity Awareness Month! Learn more about securing your digital profile, devices and more at StaySafeOnline.org.