Phishing is an attempt to trick you into revealing private information. Emails, texts, or phone calls can “fish” for information by trying to lure you into giving passwords, credit card numbers, etc., to a malicious third party.
OIT will never ask you for your password, or any personal information, via email.
If you receive a suspicious email and are uncertain of its validity, please forward it to email@example.com. Do not respond to the message or provide any information until you confirm the legitimacy of the message.
Don’t take the bait! Learn how to spot a phish; watch this video:
There will be times when legitimate messages must be sent to inform you of necessary changes to your accounts. These may include password expiration notices, account expiration notices, or information about account abuse.
It is very important to remember that OIT will never ask for your password in an email. Any NetID password change will always take place on the Account Management web page. If you are ever in doubt about the legitimacy of a potential phishing email, call the OIT Help Desk at 865-974-9900 or forward the email with its headers to firstname.lastname@example.org.
In the case of banking, the results are obvious: the scammer now has access to your money. However, in a university what they gain access to is a bit different and could cause damage to both yourself and others. They could potentially gain further information about you and your friends/coworkers that they could use to steal more identities. They gain access to your email, allowing them to read and send messages on your behalf, including high quantities of spam. They will have access to UT services that you are authorized to use and could do things like change your insurance beneficiaries, emergency contact information, your course selections, etc. They could also lock you out of your account by changing your password.
Often, once a hacker has your NetID and password, they will use YOUR email account to send huge volumes of spam. This could result in UT email being blocked by some sites, preventing legitimate email from being delivered for multiple days. If OIT receives a report that your account has been compromised in this manner, we will block all access (including your own) to your account, and you must contact the OIT HelpDesk to request your access to be restored.
If you provided debit or credit account information, contact your financial institution immediately. If you provided your username and or password, contact the institution or organization that the account is associated with and they can assist you in resecuring your account.
With each new email scam that we observe, the OIT will block the links in the message from the campus network to ensure that additional accounts are not compromised. If the link is hosted on a legitimate service, such as weebly.com, we will contact the hosting service and ask them to remove the site.
OIT system administrators also analyze the message and make configuration changes to attempt to block future messages, while being careful NOT to block legitimate email.
Unfortunately, it is impossible to predict what the next scam will look like or where it will come from, so we are unable to stop some of these messages from getting through to your mailbox. When they do, use the delete key.
If you have followed the link on a suspicious email or have noticed unusual activity relating to your account, you may have been compromised. If this is the case, you should take the following steps to protect yourself: