Fake 'UKIT' E-mail Targets UK Computer Users

LEXINGTON, Ky. (Oct. 10, 2012) — Dozens of computer users at the University of Kentucky have reported receiving a scam e-mail purporting to come from UK Information Technology (UKIT). 

The e-mail contains a link that will redirect users to a fake UKIT landing page, which asks users to "verify" their username and password. All UK computer users are warned not to visit or enter information into this site.

As a precautionary measure, UKIT has blocked this site at its current address to prevent access from on campus. However, this will not protect users at home or off-campus from visiting the site.
 

This is an example of a “phishing e-mail,” a type of scam designed to steal usernames and passwords of enterprise computing accounts. E-mails such as this one should be deleted.

Phishing e-mails can often be detected and separated from legitimate e-mail by looking for a few clues. Be suspicious of supposedly "official" e-mails that include any of the following:

• a “sent from” email address that does not end in “uky.edu”;
• misspellings;
• a notice that the email is “Urgent”;
• references to organizational units that do not exist within UK;
• inconsistencies (i.e., “University of Kentucky Technical Assistance Team” and then “University of Kentucky webmail Customer service”);
• hyperlinks to Internet addresses that do not end in “uky.edu”;
• a request that you provide your LinkBlue account and password; or
• as in this case, references to something other than LinkBlue accounts, such as "webmail."

“The number of phishing emails that the UK community receives will always increase with the start of a semester; unfortunately, the sophistication, quality, and quantity of these bogus emails is increasing as well,” said Vince Kellen, UK chief information officer. “All of us need to be vigilant.”

For additional tips on identifying phishing emails, see the "Security Matters" column in the Aug. 28 edition of The Kentucky Kernel.