Skip to content Skip to main navigation Report an accessibility issue
Information Security

Spotting and Avoiding Phishing Attacks



What is Phishing? Phishing is essentially someone trying to get you to do something through email, usually volunteer personal information or click on a link, which enables them to compromise you, your accounts, or your computer in some way. Other kinds of phishing may require you to open an attachment or a link, which can infect your computer with spyware or malware.

While we are all taught to be wary of phishing scams that may sneak their way into our email inboxes, there are a few practical steps users can take to avoid becoming a victim of phishing scams.

·           Protect your sensitive information. Never send sensitive information over email. It is crucial that you avoid sending bank account information, social security numbers, and personally identifiable information over email. If it’s an unsolicited or suspicious email that is from someone at UT, you should still avoid sending any sensitive information in an unprotected fashion. UT Policy prohibits users from requesting sensitive information in an unprotected manner.

·           Check the email address. Always check the source of the email. Emails that come from odd-looking addresses, are misspelled or inaccurate, or appear to be made up of random combinations of letters or numbers are usually an indication of suspicious activity.

·           Do not click on links. One way to check a link’s validity is to hover over the link without clicking. When doing this, the link destination will appear at the bottom left corner of your screen. This allows you to check the accuracy of the link. However, if ever in doubt, google the address you might need rather than clicking on the link provided.

·           Do not open attachments. Be wary of unsolicited attachments, as they are an easy way for scammers to compromise your computer.

The key to avoiding phishing scams is to be vigilant when managing emails. While it is easy for users to manage their inboxes quickly, not checking the source and legitimacy of emails, attachments, and links can put you in danger in a matter of seconds. Putting in the time it takes to check the legitimacy of an email or link can save you time, money, and peace of mind in the future.

If you DO click on a link that you realize (too late) may be a phishing attempt, call the OIT HelpDesk at 865-974-9900.