Phishing
Phishing is a form of fraud in which the cybercriminal tries to learn information by tricking you as a trustworthy entity or person via email, websites, and phone calls.
According to Microsoft, cybercriminals aim to convince you to install malicious software by downloading attachments, they also look to persuade you into handing over your personal information by replying or by clicking a malicious link in a seemingly legitimate email.
Watch out for the following:
- Unsolicited emails, text, or social media posts or fake websites that may prompt you to click on a link or to share valuable personal and financial information.
Targeted Phishing scams
Tax Fraud:
- Fake IRS agents: The IRS will never email or call you demanding immediate payment without having first mailed a bill. Nor will they ask for a credit or debit card number via email or phone.
- Soliciting W-2 information from payroll.
- “Federal Student Tax” scams targeting students and parents and demanding payments.
- Automated calls requesting tax payments.
Here is an example of what a phishing scam in an email message might look like.
Things to look for:
-
Beware of links in suspicious emails! NEVER click them.
- NEVER download or open any attachments.
-
Hover over the link: Simply place your mouse over the link to see the web address. (Links might also lead you to .exe files. These kinds of file are known to spread malicious software.)
-
Threats might be included. For example:
- "Your account would be closed if you don't respond with your username and password."
-
Scam artists use logos or photos in emails that appear to be connected to legitimate websites.
Beware of phishing phone calls
Cybercriminals might call you on the phone and offer to help solve your computer problems or sell you a software license.
Once they've gained your trust, cybercriminals might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable.
Treat all unsolicited phone calls with skepticism. Do not provide any personal information.
If you receive an email involving your UTRGV email address that you suspect may be a phishing message:
- Please follow these instructions from the IT website: https://support.utrgv.edu/TDClient/1849/Portal/Requests/ServiceDet?ID=34965
- Use the U.S. Federal Trade Commission (FTC) Compliant Assistant form. https://www.ftccomplaintassistant.gov
How to recognize phishing email messages, links or phone calls: https://www.microsoft.com/en-us/safety/online-privacy/phishing-symptoms.aspx
IRS Tax scams / consumer alerts:https://www.irs.gov/uac/tax-scams-consumer-alerts
A collection of phishing, scam, and other suspicious emails
Below are the latest phish emails that we are seeing impacting our university.
- FAKE Google Play Gift Cards email - English
- FAKE IT HELP DESK email - English
- FAKE VERY URGENT email - English
- FAKE Dr. Guy Bailey email - English
- FAKE Dr. Havidan email - English
- Dr. Havidan correo electrónico FALSO - Spanish
If you get a suspicious email but don't see it listed here, Do NOT assume it's safe. There are several types of phishing emails. When in doubt, consult with your IT support staff or the IT Service Desk.