If you’re a University of Georgia student or faculty member, there’s a good chance you’ve been receiving a large amount of scam emails lately. A lot of them look like this:

 

This is a “phishing” email. These emails are designed to trick you into replying to them with personal information. They typically want you to take action immediately. They also frequently feature poor grammar and spelling, as you can see in the above example. For more information, you can visit the UGA Phish Tank.

The style of phishing scam above tries to trick you into giving away your UGA MyID. It is designed to steal your login credentials and get access to your email account. While getting access to your email may not seem like a big deal, remember that your UGA MyID and password is also used to access many other accounts and systems at the university. One thing you should always remember, however is that UGA will never ask you for your username or password in an email. 

Here are 5 ways you can protect your credentials from being stolen and avoid phishing scams:

• Never send passwords, bank account numbers, or other private information in an email.
• Avoid clicking links in emails, especially any that are requesting private information.
• Never enter private or personal information into a popup window.
• Look for ‘https://’ and a lock icon in the address bar before entering any private information on a website.
• Install and regularly update an anti-virus program that can scan email.

If you’re worried you’ve already been scammed by phishing, contact the organization that was the target of the scam to change any private information, such as passwords or account numbers immediately. For UGA students and faculty, this means contacting the EITS Help Desk.

If you’ve received a suspicious message that you believe may be a phishing scam, you can quickly forward the email to abuse@uga.edu for review.