How to recognize phishing?
This article defines phishing and advises users on how to recognize and avoid phishing.
Phishing is the term used to refer to email that is sent to you by someone trying to get information from you. That is, they are "fishing" for information. Phishers are often looking for account credentials -- usernames and passwords, banking information, credit card numbers, or or other identity information. When someone provides this information by replying to a phishing email or clicking on a link and submitting a form, the phishers can use it to authenticate as that person, access their email and send spam.
ACCC has monitors that look for stolen accounts. When the monitors detect a stolen account, the account is suspended.
Phishing messages tends to sound threatening and demand that you "confirm" your credentials or something bad will happen (you will lose your account). Often the From email address and the Reply-To email address in a phishing email are different. Sometimes they will include link to a form where you will be asked to supply your credentials, and the URL will be outside of the uic.edu domain.
Beware of messages that:
- ask you to reply with your UIC NetID and password
- ask you to click a link in order to verify your account
- threaten to suspend service unless you reply with your password or click a link
UIC will never ask you for your password by email, phone, or in person.
For more detailed information about phishing including examples and quiz to test your knowledge, please review content from our National Cyber Security Awareness campaigns: