Don’t get caught by phishing

July 23, 2021

The university is often the target of sophisticated phishing attempts. If something looks suspicious, be sure to slow down and consider what’s in an email before you respond to it or click on any links.

You can identify a phishing scam by looking for email messages that:

1. Create a sense of urgency.
2. Invoke strong emotions, like greed or fear.
3. Request sensitive data.
4. Contain links that do not appear to match legitimate resources for the organization that is contacting you. Before you click, hover your mouse over the URL to see if it goes to a trustworthy site.

Be a skeptic!

1. Never, ever will the University of Alaska ask you for your passwords.
2. Official University of Alaska email addresses end in @alaska.edu. When you encounter messages from non-UA addresses, be vigilant — it is easy for anyone to get a free @gmail.com account. Be skeptical of any messages appearing to be from a university authority figure having an email address ending in @gmail.com. Follow up with a phone call or an email to a known, authentic email if the message seems genuine, and report suspicious ones as phishing.

To report phishing in Google Mail:

1. Open the message.
2. Click the three stacked dots that are next to the reply arrow.
3. Click “Report phishing.”

Reporting phishing emails from your inbox helps Google determine which messages should be flagged as suspicious, which helps protect others. If you get your email through a client, such as on your mobile device, marking the email as “Junk” or “Spam” can also be helpful.

If you clicked on links in a suspicious email, or you are not sure about the validity of an email, report your concerns to ua-phishing@alaska.edu 

You are the first and best defense against phishing. Please send feedback or questions to ua-phishing@alaska.edu .