Recent Spear Phishing Attempt
August 30, 2013
Wednesday afternoon, thousands of UTA email addresses received the email below –
It looks innocuous enough. We use Blackboard here at UTA. If you’re a professor or a student you probably realized pretty quickly that you’d never received an email like that from Blackboard, but with recent improvements it could be legitimate.
A quick check shows this was in no way a legitimate email – if you hover your mouse over the link, you can see where you’re really going if you click on that link.
That is definitely not UTA’s Blackboard server – Blackboard is elearn.uta.edu. Let’s say you accidentally clicked on the link without checking it first. The webpage from the phishing email is on the left, UTA’s Blackboard landing page is on the right –
Even if you aren’t familiar with the layout of UTA’s Blackboard sign in, there are some pretty big warning flags on the phishing page – the URL, the question mark in the title, the use of school user ID and e-mail address. If this had been a more convincing phishing site, it would have looked just like UTA’s Blackboard homepage – this is why it’s so important to be aware of what you’re clicking on and who you’re giving your credentials to.
If you do fall for a phishing attempt, you need to change your password as soon as you realize it was not a legitimate request. You should contact the OIT Helpdesk at 817.272.2208 so that your account can be watched for suspicious activity. If at any point you have a question about an email’s legitimacy, do not click on any links! You can forward the email to the Helpdesk (helpesk@uta.edu) or the ISO (security@uta.edu).