Skip to content Skip to main navigation Report an accessibility issue
Information Security

Security Terms



As the school year gets underway, it is important to be vigilant when checking your email. There are a couple of techniques that scammers are using to steal your information.

SPOOFING is the modification of an email so that the message appears to have originated from someone or somewhere other than the actual source. Spoofing is often used by spammers and can be accomplished by changing the “FROM” email address.

Email spoofing occurs in different forms, but all have a similar result: a user receives email that appears to have originated from one source when it was sent from another. Email spammers often use spoofing in phishing attempts to convince you to open and respond to their solicitations. 

PHISHING is when scammers try to contact you through your UT email account to collect your personal information, such as your password, credit card numbers, account numbers, PINs, or Social Security numbers. It could be a phishing email if…

  • The email contains misspelled words, or poor grammar. They are getting better, so don’t depend on this indicator alone.
  • The message asks for personally identifiable information, such as credit card numbers, account numbers, passwords, PINs, or Social Security Numbers.
  • The message tells you to log in to verify your account or “else.”
  • The domain name in the message is not one you are used to seeing, and it’s usually close to the actual domain name but not an exact match. 
    For example: One of the links below is GOOD, and one is BAD!!
    Phishing website:http://helpdeskutk-verify.site.io/
    Real website:http://helpdesk.utk.edu

As a reminder, OIT posts email scams to the Recent Email Scams tab within the OIT System Status Center. Check this site for suspicious emails that have been reported. If you have concerns about a specific email, report the email to OIT via abuse@utk.edu or contact the OIT HelpDesk.

OIT also takes steps to block anyone on the UTK network from going to a bogus or malicious site. Additionally, OIT will contact a website provider and inform them that a site hosted on their system is participating in malicious activity. However, it all starts with you. If it looks “phishy,” call OIT and report it. If you realize that you have fallen for a phishing email and have logged in with your UT credentials, contact the OIT HelpDesk at 865-974-9900.

Remember: no one in OIT, the OIT HelpDesk, or any legitimate online entity will ever ask you for your password via email.