UR has seen a recent increase in phishing emails that encourage users to click on harmful links. These emails are coming from internal email addresses (i.e. first_last@XXX.rochester.edu) and may appear legitimate.
How to Identify a Phishy Email
There are a few ways to identify these emails as phishing attempts; however, these could change at any time. When in doubt, contact the Help Desk directly. Please lookout for the following:
- A message coming from someone you do not usually email even if it is an internal email address
- There is no address in the “To” field
- When you hover over a link in your email (do not click!), the web address that displays is NOT an internal address
In general, many phishing emails look legitimate so it is important to always avoid clicking any links that you have not specifically requested from a colleague.
What Should You Do?
Received a suspicious email and not sure what to do next? If you receive an email from someone, you do not usually communicate with, do not click any links or respond to the email. Instead, forward the email to firstname.lastname@example.org.
Get Educated on Phishing
For more information on phishing, visit University IT’s Phishing Education page.
University IT Help Desk