Phishing Email Scams

*A "phishing" email scam* is when a scammer sends an email, disguising the email to mimic an authentic source, such as your workplace, bank, LinkedIn, Facebook, cell phone company, UPS/FedEx, airline, etc.

  1. Never click on a link in an email to manage your account, even if it appears to come from one of these "legitimate" sources. Instead, open a separate web page and go directly to the known source to log in with your credentials.
  2. If you hover your mouse over the link in the email - do not click on it, just hold the cursor over the link - you will see the actual URL. Chances are, it will be a spoofed URL, not a link to the intended web site. It might even have the name of the company embedded in the URL to try and fool you.
  3. We will never ask you for a password or credentials in an email. We will never send you an email asking something along the lines of, "Click here to upgrade your account." The messages some of us have seen from customerservice@ucar.edu are a spoof, and should be deleted.