Direct Deposit Scam
There is a very convincing phish hitting UA inboxes. If you aren't watching closely, you could be lured into giving up your credentials to a bad actor.
Even though the message appears pretty legitimate (simple, no bad grammar, "reasonable"
request, etc), you'll note the subject gives an immense sense of urgency, and that
the sender is someone you do not recognize. And if you look closer, the sender's address may
not even be from an @alaska.edu email account:
If you happen to hover over or visit the link from the message or follow the link
to the resulting webpage, you'll note that the URL ends in "uuco.us", which is in
no way related to UA:
If you receive this message or others like it, please be sure to "Report phishing"
to help the email system help stop those messages in their tracks. The more people
that report, the faster the message is caught/removed from other accounts.
And lastly, if somehow this one slipped past you and you followed the link and entered
your password, please immediately visit ELMO (elmo.alaska.edu) to change your password.
You can help protect yourself from these types of attacks by enabling a second factor on your account! A second factor is an extra layer of security between your information and your
credentials. Find out more!
UA Security Matters would like to thank Cody Bennett, User Services Manager at IT
Services (UAS) for this great content!