Recently UNT has seen a rash of Phishing email messages. A Phishing
Email is described as “an attempt to
fraudulently acquire sensitive information, such as usernames,
passwords and credit card details, by masquerading as a
trustworthy entity in an electronic communication."1
Generally these messages request that you verify your account by
following a link, and then entering sensitive data such as your
username, password, social security number, and date of birth. Unfortunately these links lead to a website hosted by the scammer,
and once you submit your information you have given away everything
needed to access your account. These websites can be
convincing, and look exactly like a company’s actual website.
Fortunately it is very easy to protect yourself from such scams.
As a rule the Helpdesk will not email users requesting sensitive
information such as their date of birth, social security number, and
password. This holds true for most businesses. If you receive
an email requesting you respond with, or fill out a form with,
sensitive information it should be regarded as a Phishing attempt.
If you would like to verify the validity of such an email, contact
the company in question at their publicly listed (not one listed in
the email) support desk phone number.
Sometimes even the most astute can fall prey to these scams. This
can quickly lead to a compromised account. If you fear your
UNT account has been compromised you first should change your
password, and secret question to avoid any further misuse of your
account. You should then report the incident.
Information for reporting a security violation can be found at
http://security.unt.edu/incidentreporting. Students who
feel they may be the victim of a Phishing scam can report the
incident to the CITC Helpdesk at
The Security Team (http://security.unt.edu)
has posted the following information regarding Phishing scams on
UNT system administrators and staff will never ask
for your UNT password. Immediately change your password and discard
the old one. The senders of the fake email are collecting valid
credentials to use for access to UNT services, especially email
through which spam can be sent. Report the incident to your
supervisor and system administrator, so any additional containment
or handling can be coordinated.
Recently appearing in Benchmarks
Return to top