Overview
Phishing is a type of scam where attackers attempt to trick you into sharing sensitive information—such as passwords or account details—by pretending to be a trusted organization or individual.
Phishing messages can arrive by email, text message, phone call, social media, or collaboration tools.
Common Signs of Phishing
- Urgent or threatening language
- Requests for passwords, codes, or personal information
- Unexpected links or attachments
- Messages that appear legitimate but feel “off”
How to Protect Yourself
- Don’t click links or open attachments from unexpected messages
- Hover over links (on a computer) to check where they lead
- Verify requests through a trusted, independent method
What You Should Do at UM
- Report suspected phishing using UM’s reporting process
- Do not reply to the message or click any links
- Delete the message after reporting (messages reported using the Outlook “Report Message” tool may be automatically removed)
Additional Questions
- For UM-related help, contact the UM IT Helpdesk and the UM Information Security Office.
- For personal messages or accounts, consider reporting the message to your email provider or mobile phone carrier.
- If money or personal information was shared, you may also consider reporting the incident to the FBI Internet Crime Complaint Center (IC3).
Additional Resources
National Cybersecurity Alliance: https://www.staysafeonline.org/articles/phishing