Scammers launch thousands of phishing attacks every day. Phishing is the attempt to obtain passwords, credit card details, access to your device, or other personal information by sending emails, IM chats, or text messages that appear to be from a trusted person, company, or institution.
Phishing attempts are messages that direct you to click on a link or open an attachment. For example:
You will lose access to your account.
You must confirm personal information or pay an invoice.
You are eligible for a coupon or gift card.
Your family member needs help.
A few simple steps can help determine if an email/message is legitimate or a phishing scam.
Check contact information.
Legitimate email should include the sender’s name and offer an alternative contact method other than replying to the email or clicking a link. If in doubt, don’t click the link. Open your web browser and go directly to the company or department website for the correct contact information.
Do not fall into the exaggeration.
The email or text message may claim that you will lose access to your email or bank account, for example. The U of A and other responsible institutions will never request your information via email or an unsecured website.
Look for the “s”.
When updating your UARK password or logging into any service, always make sure you’re on a site with https:// in the address. The “s” shows that it is a legitimately safe site. The only legitimate place to update your U of A login information is Password Manager at https://account.uark.edu.
What should I do when I receive a phishing scam?
Use the Report Message button in Outlook if you think you’ve received a phishing email.
The button is included with Outlook on the web, Outlook for iOS and Android, and supported versions of the Outlook desktop email client.
Select the suspicious or junk message and click the Report Message button in Outlook.
Select Phishing to ensure that the suspicious email is reported to the university’s IT security team and removed properly. Select Junk if it is unwanted spam.
What happens if I provide personal information for a phishing scam?
If you provided personal information or entered your login information on a malicious site due to phishing attacks, please change your UARK and other account passwords immediately.
How do IT services prevent phishing?
The IT security team manages several services that help prevent phishing scams from spreading throughout the campus. The university’s IT security team provides protection against spam and malware with Microsoft Exchange Online Protection (EOP) and Safe Links.
Microsoft EOP inspects messages for malware and uses rules to filter messages sent from addresses known to distribute malicious mail, as well as messages that contain content such as other spam messages.
In addition to Microsoft EOP, all UARK email is also routed through Safe Links, a server-side filter that scans messages for malicious URLs and other phishing tactics. Safe Links identifies suspicious emails, tests links, and determines if the links are safe before allowing you to view them.
Protecting our online campus community is an ongoing effort as cybercriminals continue to develop their methods. Simple steps like not clicking on links in emails or text messages, avoiding downloading unverified attachments, and reporting suspicious messages can go a long way toward protecting our university. For more information, visit theCyber security checklist.
If you have questions or need help, please contact your local IT support or thecomputer help service.