Beware of E-mail Phishing Scams

LEXINGTON, Ky. (Aug. 2, 2010) − University of Kentucky Information Technology (UKIT) cautions the UK community about e-mail "phishing" scams sent to account holders recently.

Many UK account holders have received false and potentially damaging "service" or "maintenance" e-mails indicating that their e-mail accounts will be deactivated unless account password information is "confirmed." Please be assured that any e-mail asking for your uky.edu, email.uky.edu, or link blue password is a phishing scam. Do not reply to any e-mail asking for passwords.
 

Some types of phishing e-mails ask you to click on a link to open a web page for "validating" your information. These links can be disguised to appear to be sent from a uky.edu domain website, but they actually open a site from a non-UK-affiliated website. Clicking on these links may inflict a "drive-by" infection on your computer, causing your personal information to be compromised and requiring a rebuild of your PC.
 

Here's what to do if you have replied to a phishing e-mail:
 

-- Change your password immediately via the UK Account Manager (http://password.uky.edu).
-- Video instructions for changing your password are available at http://www.youtube.com/watch?v=lX6z8Czek6w.
-- Call UKIT Customer Service at 859-218-HELP (4357) if you need additional assistance with changing your password.

How to detect a potential scam: 
 

-- Poor English syntax and/or grammar within the message
-- An unspecified sender
-- Links that ask you to click onto non-uky.edu addresses for “secure verification”
-- A fake reply address e.g., chancellor@uky.edu (UK does not have a chancellor)

If you are in doubt about the validity of an e-mail message, please contact UKIT Customer Service at 859-218-HELP (4357).