Strategic Communications and Marketing News Bureau

Phishing scam targets U. of I. community with fake email

Be suspicious. Be very suspicious. Especially if it looks official – bank, credit card company, university human resources – and they’re asking for your personal information.

The sender may not be official at all, but rather someone fishing, or “phishing” – attempting to lure you into giving up information that may be used to access your personal accounts.

That’s the message from one campus official in the wake of a recent sophisticated phishing scam directed at individuals on the U. of I. campus, similar to other phishing attacks at other Big Ten schools.

In early July, some individuals received a message allegedly from “UIUC Human Resources,” which directed them to what looked like a university Enterprise Authentication Login page, with an additional field for their PIN.

It was apparently an attempt “to gather enough information to access university resources and potentially change personal information, such as payroll direct deposit information,” according to Joe Barnes, the interim chief privacy and security officer for Campus Information Technologies and Educational Services, writing in a July 7 massmail to the campus.

Whether any information was compromised is still under investigation, Barnes said. The Office of Privacy and Information Assurance notified the original recipients of the message – estimated to be less than 1 percent of individuals on the Urbana campus – and is monitoring affected accounts for suspicious changes. OPIA and CITES also are working on changes to better protect the university, its faculty and staff members, and students from future attacks, he said.

“Fighting the battle against phishing is a balance between technology and user awareness,” Barnes said. “From a technology standpoint, we are constantly working to improve systems to reduce the theft of both personal and university information. From an individual’s standpoint, they should feel empowered to question emails that do not seem legitimate. If they fall victim to a phishing message, they should not be afraid to say so. Not providing information to IT professionals trying to assist you can delay or prevent aid, which in the end may lead to bigger problems.”

When receiving official-looking email, Barnes advised:

  • Never respond directly to an email asking for your password or to update account information, no matter how official it may look. The U. of I., as a policy, will never ask for information that way.

  • Check the link to make sure it’s taking you to an official site. The safest practice is to open a browser and type in the address, rather than clicking on the link.

  • Only enter your U. of I. username and password on sites that have “illinois.edu” or “uillinois.edu” at the beginning of the address in the address bar.

  • Also check for “https” at the beginning of the address, a requirement for any website asking for sensitive information.

Additional information on how to spot phishing attempts and examples of recent campus-directed phishing attempts can be found online.

Barnes said campus users who receive what they believe might be a phishing message can do any combination of the following: delete the message, forward it to their local IT staff members and/or forward it to report-spam@illinois.edu for further evaluation. They also can contact the CITES Help Desk by emailing consult@illinois.edu or calling 217-244-7000.

Read Next

Life sciences Portrait of the research team posing together.

Minecraft players can now explore whole cells and their contents

CHAMPAIGN, Ill. — Scientists have translated nanoscale experimental and computational data into precise 3D representations of bacteria, yeast and human epithelial, breast and breast cancer cells in Minecraft, a video game that allows players to explore, build and manipulate structures in three dimensions. The innovation will allow researchers and students of all ages to navigate […]

Arts Photo of seven dancers onstage wearing blue tops and orange or yellow flowing skirts. The backdrop is a Persian design.

February Dance includes works experimenting with live music, technology and a ‘sneaker ballet’

CHAMPAIGN, Ill. — The dance department at the University of Illinois Urbana-Champaign will present February Dance 2025: Fast Forward this week at Krannert Center for the Performing Arts. February Dance will be one of the first performances in the newly renovated Colwell Playhouse Theatre since its reopening. The performances are Jan. 30-Feb. 1. Dance professor […]

Honors portraits of four Illinois researchers

Four Illinois researchers receive Presidential Early Career Award

CHAMPAIGN, Ill. — Four researchers at the University of Illinois Urbana-Champaign were named recipients of the Presidential Early Career Award for Scientists and Engineers, the highest honor bestowed by the U.S. government on young professionals at the outset of their independent research careers. The winners this year are health and kinesiology professor Marni Boppart, physics professor Barry Bradlyn, chemical and biomolecular engineering professor Ying […]

Strategic Communications and Marketing News Bureau

507 E. Green St
MC-426
Champaign, IL 61820

Email: stratcom@illinois.edu

Phone (217) 333-5010