Phishing Attacks Targeting Students

News

Don’t take the bait!

Scammers send an email message in an attempt to trick you into revealing personal information that can be used to commit fraud, a practice commonly known as phishing.

How to spot it:

  • Spelling and grammar mistakes
  • Urgent language prompting immediate action
  • Request for confidential information

What to do:

  • Don’t click any links or reply to the message
  • Mark the email as Junk or Phishing; see this KnowledgeBase article for more information
  • Contact the UWM Help Desk; they can offer advice or help you if you believe you’ve been phished

What is UWM doing?

This fall, multi-factor authentication (MFA) will become available to UWM students as another level of online protection. By using more than one method of authentication, your identity is verified and kept safe from phishing and other cybersecurity attacks. Please visit uwm.edu/multifactor to learn more.

Current phishing emails:

Below are some examples of phishing emails being sent to UWM students right now, the Fake File and Job Opportunity email.

Fake File Email

In this email, the scammer sends you a message that appears to be a file from another UWM user. If you click on the link within the message, you will be taken to a page that appears to be a legitimate log in page that will gather your UWM credentials leading to your account being compromised. Once the scammer has your credentials, they have control of your account and can use it to further scam other UWM users.

Some warning signs to look for:

  • The message and name of the file is vague, it may say “Important Documents for Students” but gives no other information about what is contained in the file or why it is being sent to you
  • You are not familiar with the sender of the email

If you are not sure if this is a legitimate email or not, call the sender of the email and ask for confirmation. It is important that you do not request confirmation over email because the email account may be controlled by the scammer.

Below is a screenshot of a recent Fake File phishing email:

Phishing email asking users to open a file

Job Opportunity Email

In this email, the scammer has sent out the email from a compromised UWM account, making it appear that it is coming from someone at UWM. Some warning signs to look for:

  • The scammer is asking you to reply to a different email address than the one where the message was sent from
  • The scammer is requesting an alternate email address from you; this will allow the email conversation to continue outside of the protection of UWM email filters
  • If you do continue the email conversation in another email account, the scammer will ask you to purchase items for them and you will receive a fake check in return

Below is a screenshot of a recent Job Opportunity phishing email:

Phishing Email for a job opportunity

If you have questions about an email message or think that you responded to a phishing email, contact the UWM Help Desk for assistance at (414) 229-4040 or email helpdesk@uwm.edu.