Dear UO students,
Can you recognize a phishing email?
Phishing emails try to trick you into sharing sensitive information or establishing a relationship with a cybercriminal. Their goal: stealing your money or identity.
Unfortunately, phishing scams get more sophisticated every day. The UO Information Security Office offers two measures to help you feel confident telling the malicious emails apart from the legitimate ones.
Phishing Awareness Training
- Check out our 15-minute phishing awareness training.
- Learn how to identify potentially dangerous emails and deal with them effectively.
- Recommended for all UO students, staff, and faculty.
Phishing Simulations
- You will periodically receive simulated phishing emails from the UO Information Security Office.
- These simulations mimic real-world phishing attacks. For example, they may ask you to provide your password or click a suspicious link. They may also include logos from known and trusted organizations.
- We encourage you to treat the simulated phishing emails like real phishing emails. (You may not be able to tell the difference!) That is:
- Report any phishing emails, including the simulated ones, by using the Report Phish button in Outlook or by forwarding them to phishing@uoregon.edu.
- Exercise caution. Don't click links in suspicious messages.
- If you do click a link in a simulated phishing email, you'll be redirected to an educational page explaining what just happened and how to avoid real phishing scams.
- There will be no negative consequences from the simulations, and no personal data will be collected. Our goal is to prevent real-world losses for you and the university.
- UO employees, including student employees, have been periodically receiving simulated phishing emails since spring 2022.
