11/5/13 Deletion Policy for U-System/Email Accounts

Campus experienced a spear phishing attack this morning that was addressed to students, informing them that they should go to a website to view a new deletion policy for email accounts. The link led to a page that looked similar to the UA web auth page.

If you entered your credentials in the faked web auth page, please change your NetID password immediately.

We have posted the UA's official web auth page, and the fake web auth page that was linked in this phishing email.  You will notice that the main difference is in the URL. While the fake URL looks legitimate, if you examine it closely, you will see "iskoia.com" toward the end, which is the actual target for the URL.

If you are unsure as to whether or not you are looking at the correct web auth page, go to a site where you know you will find a legitimate one.

ALWAYS verify that an email that is asking you to enter your credentials is authentic, even if it appears to be from a legitimate source.

Email text: 

From: systems-security <Email Address Removed>
Sent: Tuesday, November 05, 2013 8:54 AM
Subject: Deletion Policy for U-System/Email Accounts  

Dear Students,  

Our Deletion Policy for U-System/Email Accounts has been changed and all students/staff are advised to view it:   <URL Removed>.     If you have questions, please contact <Email Address Removed> or call: 520 626-TECH (8324)  (EDITOR'S NOTE:  THIS IS THE PHONE NUMBER FOR THE 24/7 IT SUPPORT CENTER.)

Email ID:934585675295824158971