Phishing Attacks Targeting University Email Accounts

Art Miller

Report cybersecurity incidents to the IT Help Desk at 479-575-2905 or IT Security at security@uark.edu.

The U of A is experiencing a sustained phishing attack targeting users with fraudulent job offers or notices of account closures. If you receive an email that asks for your personal information, such as phone number, UARK credentials, passwords or MFA (multi-factor authentication) code, do not click any links or share your personal information.

The U of A will never request passwords or other personal information via email, phone call or text message.

If given the information, attackers will attempt to log into your account and threaten account closure if you do not provide your MFA verification code. Attackers may also try to gain access to accounts via phone calls.

If you receive a request on your phone to verify your UARK account (and are not actively logging into any UARK services), this is an invalid request. If the verification request comes through as a phone call, press the option to report fraud. If the verification attempt comes from your Authenticator app, select "No, it's not me."

Phishing emails should be reported in Outlook. For help identifying phishing emails or scams, refer to the article, Stop Scammers and Recognize Phishing Attempts. Report cybersecurity incidents to the IT Help Desk at 479-575-2905 or IT Security at security@uark.edu.

It is important to keep your account and personal information secure. Updating your password at account.uark.edu and creating strong passphrases are two methods to help protect your identity. For more information on keeping your account safe or reporting phishing attempts, visit the cybersecurity checklist.