Information Technology Services (ITS) is providing the following alert to warn you of recent phishing attempts targeting colleges and universities nationally. Scammers are attempting to collect usernames and passwords, often luring users with information regarding COVID-19 developments. Attackers are exploiting this busy time of year to catch students, faculty, and staff off guard. Please take note of the following steps to avoid falling victim to an attack:

• Carefully scrutinize the address of any web page that is requesting username and password information. The link text can mask a hidden URL, and scammers can create convincing fake login pages. Trusted UofM login pages will be at the memphis. edu domain. Beware of fraudulent web pages like “memphis. edu. fakesite. xc”.
• If you’re unsure whether a link is legitimate, close the email and open a trusted site in a new browser window. For example, the myMemphis portal will allow you to safely login to UofM Single Sign-On.
• Pay close attention to DUO requests. For the best security, use DUO pushes and open the app to verify your request is legitimate before approving. If you receive any unexpected DUO requests, always decline and contact the ITS Service Desk immediately.

As always, be suspicious of any email with unexpected attachments or requests for personal information, and never share your password with anyone. If you receive any message that you’re unsure about, forward it to abuse@memphis.edu to request guidance. Report any unusual account activity to the ITS Service Desk at umtech@memphis.edu or 901.678.8888.