Phishing is the act of trying to obtain information from individuals usually in order to conduct inappropriate or fraudulent activities.
Protecting our personal information is everyone's responsibility. Please report any suspicious activity to firstname.lastname@example.org.
Never reply to an unsolicited email that asks for your personal information. The University of Memphis will never request personal information (i.e. your SSN, UUID and password, birth date, or any account numbers) via email. Any reputable institutions (your bank, credit card company, or loan officers) would not email you requesting this type of information either.
Never click on any links within an unsolicited email. The best practice is "if you are not expecting it, delete it". If it looks legitimate, use a second means of contacting the sender, i.e. call them directly and ask if they sent it. Links within a phishing email often lead to malicious or bad internet sites. For example, a phishing email may contain the link "Click here to update your information" and then lead to a phony website requesting personal information. Always visit an institution's website directly, using their official URL, not the link in the email. Example of phishing email is located here.
Am I expecting an email?
- Is the sender's email address what I'm expecting?
- Would this person send me an attachment?
Always use common sense and good judgment. The University operates a broad array of security-related hardware and software designed to safeguard sensitive personal and institutional data. However, our networks and services are connected to the Internet, and we cannot block every fraudulent action that occurs on the world wide web. We need everyone to look carefully at what appears in your email - if it looks suspect, it probably is.
Remember - it is a violation of University policy UM1535 - Acceptable Use of Information Technology Resources to share your account information and/or password with anyone.