A recent phishing attempt has targeted thousands of university users. The message asks individuals either to enter a code to view a shared file on Google Drive or to respond to a job offer request from another university. Some emails include other members of an individual's department to make it appear legitimate. If faculty, staff or students respond, the scammers then try to obtain passwords and enter their accounts through multi-factor authentication attempts.

This message was not legitimate. The university will never ask for personal information such as passwords or social security numbers in a shared file or any location other than a secured, official university website. Personal data should never be shared through email or with any organization without verifying the authenticity first. 

Users who receive phishing messages should use the Report Phishing and Junk email button in Outlook and web Outlook. Using this feature automatically sends the message to the information security team within IT Services so action can be taken. Reporting also improves the intelligence of our spam filter for the future. Learn more about how to recognize and report phishing scams. 

If you provided personal information through a suspicious email or to validate the legitimacy of email correspondence, contact the  IT Help Desk at 479-575-2905.