Warning: COVID-19 Phishing Scams

March 17, 2020

Malicious email phishing scams continue to target University of Arizona students, faculty and staff at a heightened level. The Information Security Office is especially concerned about phishing and malware scams taking advantage of fears surrounding the Coronavirus. These phishing attempts may ask you to enter credentials or urge you to open an attachment to learn more, potentially installing malicious code on your machine.

Please take the following precautions:

  • Question emails claiming to be from the Centers for Disease Control (CDC) or experts saying that have information about the virus.
  • Ignore online offers for COVID-19 vaccinations. There currently are no vaccines—online or in stores.
  • Do your homework when making donations through charities or crowdfunding sites especially donations requested for cash, gift card, or by wiring money. See: https://www.consumer.ftc.gov/features/how-donate-wisely-and-avoid-charit...

The University’s Security Operations Center recommends the following preventive measures:

  • Verify the sender’s email address.
    • University of Arizona has recently implemented External Sender Notification to flag emails that come from senders outside the university to help mitigate phishing attempts. Based on campus feedback, the External Sender Notification banner has been modified.  External emails will now have “[EXT]” in the subject line and “External Sender” in red font in the body.  
  • Validate authenticity of DUO Multi Factor Login Requests. 
  • Be cautious with links or attachments.
  • Protect your devices.

Support and Resources

Please contact the 24/7 IT Support Center if you have questions about a potential phishing email at (520) 626-TECH (8324).    

If you received a phishing email, please notify the Information Security Office at https://security.arizona.edu/content/report-phish