There’s no question that we’ve all been receiving more phishing attempts in recent days. School is almost back in session, campus is starting to liven up again, and scammers can almost taste our personal information swelling behind Multi-Factor Authentication. But what are you supposed to do if you find a phishing email in your inbox?

First, NEVER click any links, downloads, or attachments when you first receive any message. Malicious links often contain malware that can steal your information without you even having to type it.

Then, trying to identify a message as phishing can be tricky. However, if it:

• Was unexpected
• Elicits a strong emotion. Examples might include:
  • Excitement for a great job opportunity
  • Panic because your account is being terminated
  • Frustration because your cloud storage is almost full
• Has poor grammar
• Has a generic greeting
• Comes from outside of UWM (no @uwm.edu in the email address)
• Has an urgent timeline

Chances are that message is phishing. Emails like the following should be approached with caution:

It is also incredibly important to note that UWM will NEVER ask for your passwords OR one-time authentication code from MFA. If you aren’t sure of the message’s legitimacy, contact the UWM Help Desk and they can provide further insight.

Finally, when you’re sure that email is in fact phishing, you have a couple options.

• You can delete it
• You can mark it as Phishing
• You can forward it to abuse@uwm.edu

If you have accidentally clicked a link, downloaded a file, or opened an attachment (it’s okay, we’ve all done it), don’t provide them with any of the requested information and quickly contact the UWM Help Desk. They will help you reconfigure your account.