Skip to content Skip to main navigation Report an accessibility issue
Information Security

Don’t Take the Bait



Learn how to spot a phish:

1 From: WEBMAIL SERVICEDESK <service_desk@yahoo.com>  
Sent: Wednesday, March 8, 2017 11:15 AM
To: Undisclosed Recipients
Subject: Re-activate your UTK account
2 Skewed logo
3 Attn Student: 
4 Your UTK e-mail account is compromised and has been restricted.You cannot send/receive messages until you re-activate your account.

If your account isn’t responding to us it will be permanently deleted.

5 This is the LAST NOTICE. 
6 Please follow the link below to re-activate your UTK account:

Click to re-activate your account (http://itroll.ru/wp-content/themes.html) 

Did you catch them all?

1 Sender’s email address: Official UTK communications will always be sent from a utk.edu address. However, be cautious; just because it does come from a utk.edu address does not guarantee that it is legit either.
2 Don’t be duped by aesthetics: Phishing emails often contain convincing logos, links to actual company websites, legitimate phone numbers, and e-mail signatures of actual employees.
3 Impersonal or awkward greeting: Most phishing emails DO NOT refer to the recipient by name.
4 Check for errors: While scam emails are becoming more sophisticated, many scam emails contain misspellings and grammatical errors. Read your emails carefully and report anything that seems suspicious.
5 Urgency/Fear: Scammers use threats and urgency to scare you into acting immediately. If you are concerned, always contact the organization directly whether by phone or online. Never reply to a suspicious email.
6 Bad Links: Always hover your mouse over a link to see the true destination. If you see a long, unfamiliar link, it’s likely a phish.

When in doubt, contact the OIT HelpDesk for assistance at 865-974-9900 or visit help.utk.edu.