Phishing - stolen credentials
Phishing is a way to trick you into giving someone else your personal credentials – passwords, user names, account numbers, security codes – via e-mail or web forms.
The stolen credentials will be wrongfully used in various ways and can cause great harm both to you personally and to the university.
Phishing attempts often looks authentic – they might use the University logotype, a sender name of Administrator, IT-support, Helpdesk, Vice Chancellor or a name familiar to you.
NB! When the university's IT or security staff suspect that account credentials have been stolen, the account in question will be blocked immediately to reduce the risks. The IT service desk can then assist with how to change the password.
Warning signs
- Questions regarding personal credentials:
your user name, password, credit card number, security codes … - Threats of negative consequences:
“Your account will be shut down / blocked / removed unless you immediately …” - Web links in e-mails, social media, instant messaging (chat programs): Phishing links often go to very different places than they appear.
Be aware of possible risks before clicking on a link.
Protect yourself!
- Be aware that phishing attempts can look very authentic.
- Do not answer a suspected phishing attempt – instead forward the suspicious e-mail or link to security@uu.se. You can also phone us at 018-471 75 60.
- Do not enter your credentials in a web form opened via an e-mail link, social media or chat program.
Did you know?
There is a phishing folder available for download.
You might also be interested in our information security course.