Friday, February 22, 2013
The University’s Office of Information of Security has received reports on Friday, Feb. 22, of two phishing emails sent to many UGA email recipients that appear as legitimate University emails but are actually criminal scams.
Since becoming aware of the phishing emails Friday morning, the University’s Enterprise Information Technology Services’ (EITS) Help Desk has received a number of inquiries. EITS is asking the campus community to not click on the links in these malicious emails.
Like other phishing scams, the emails try to trick people into thinking a legitimate organization is requesting private information. These scams request you to either reply, or follow a link to a site that often looks identical to the service the email is mimicking.
One of the phishing emails has the subject line, “Policies on the Use of Computers Changes.” This email contained a link that looked to be from EITS, but was in fact for another website. It also has information specifically about UGA that appears legitimate.
Upon learning of this, the EITS Office of Information Security blocked access to this web address from UGA computer networks. If you did click on the link and were asked for UGA MyID and/or password information, EITS strongly encourages you to change your MyID password immediately.
In addition, another email is circulating with the subject line of “Suspension of Your uga.edu Account.” It contains a link to a Google Document and asks you for your UGA MyID name and password.
This email is also not an EITS communication and EITS will NEVER ask you to supply a password over email.
If you clicked on the link and provided information, EITS strongly encourages you to change your MyID password immediately. EITS cannot block specific documents within Googledocs, but have reported this to Google.
To report any similar incidents, send an email to firstname.lastname@example.org.