Skip to Content

Phishing and what to do

Listen to this article (2:36)

Purpose

This article will guide you through the aspects of phishing and what to do when you see phishing or when you have been phished.

What is phishing?

Phishing (pronounced fishing) is a fraudulent messaging methodology where an incoming email or SMS text message appears to be from a reputable source in order to gather personal information (like passwords and credit card information) from the recipient.

How to detect a phishing attempt

In most cases, you will receive an email message that will appear legitimate in some fashion whether it looks to be from a University-based email account or pertaining to a software service that you use regularly (e.g. Outlook/Exchange).

There are also cases where mobile devices are targeted as well. Links are typically sent via SMS text message that, when clicked, could ask you to enter information or gather information about your mobile device.

Note: A reputable source will not ask you for any personal information about accounts, passwords, or credit card numbers.

Reporting a phishing attempt (or something else that seems suspicious)

Email

  • If you have opened or received an email asking for any personal information (such as  account information, passwords, etc.), do not click any links or open any attachments, forward the email to phishing@uoregon.edu then delete the email.
  • If a source claims your UO account is in need of management, go to duckid.uoregon.edu instead of the link provided.
  • If you have clicked any links or opened any attachments, turn off and unplug your computer, then contact us by phone at x6-2388 immediately.

Text message

  • If you have NOT opened the link on the text message, send an email to phishing@uoregon.edu and/or contact CASIT by email at casit@uoregon.edu or phone at x6-2388.
  • If a source claims your UO account is in need of management, go to duckid.uoregon.edu instead of the link provided.
  • If you have opened the link, delete the message and let us know immediately.

Changing or managing your password

If you fell victim to a phishing attempt using your Duck ID and password or you’re looking to update your information, you should immediately change your password and create new security questions by going to duckid.uoregon.edu