Phishing is an attack in which a scammer sends fraudulent emails or text messages, or directs users to a copycat website, in order to steal valuable personal information such as account numbers, Social Security numbers, or login IDs and passwords.
Phishing emails are often designed to look like official communication from banks, eBay, Amazon, or other organizations, including UCF. These messages typically contain a call to action, such as a threat that an account will be disabled unless the recipient responds, or an urgent message regarding a payment issue.
In addition to email and website phishing, there’s also vishing (voice phishing via phone) and smishing (text message or SMS phishing).
How can I protect myself from phishing attempts?
Legitimate businesses do not solicit user account information via email. If you receive an unexpected email that appears suspicious, remember:
- Do not click on links in phishing or spam emails
- Do not open any attachments
- Do not reply to a phishing or spam email
- Contact the company directly to validate the email
Do not use any contact information listed in the suspicious email. Instead, open a web browser and go directly to the company’s website.
If you have any questions or concerns, please contact the UCF Information Security Office by email at firstname.lastname@example.org or by calling 407-823-2711.
How can I report phishing emails?
If you feel the email is malicious or contains a threat:
- Report the message to the UCF Security Incident Response Team by clicking on the “Phish Alert” button as shown in the example to the right. To learn more about the Phish Alert Button, click here.
- Alternatively, if you do not have a “Phish Alert” button, you may forward the email as an attachment to the Security Incident Response Team at SIRT@ucf.edu. For step-by-step instructions, view the KnowledgeBase article here.
- Contact the UCF Police at 407-823-5555 if you feel your personal safety has been threatened.
Click the tabs below to learn more about spam emails.
Email spam is any email message that you did not ask to receive. A spam email message may be sent to many users simultaneously. While annoying, spam messages can also pose a threat if users click on the links, open any attachments, or provide information to the spammers.