Campus News

Federal Student Aid Office Warns of Phishing Emails

LEXINGTON, Ky. (Sept. 9, 2020) — COVID-19 has brought with it many challenges and an increased reliability on technology to connect and communicate. Unfortunately, many hackers are taking advantage of this increased use in technology. The Federal Student Aid Office of the Department of Education is reporting an increased number of ransomware attacks targeting higher education institutions. These ransomware attacks typically start with phishing attacks and can lead to loss of personal information, financial information and data. 

Phishing attacks are malicious emails that aim to trick the recipient in order to collect sensitive information. 

University of Kentucky Information Technology Services (ITS) asks that you do all of the following in order to better protect yourself.  

  • Never click links in emails from unexpected and/or unfamiliar senders. 
  • Never open attachments from unexpected and/or unfamiliar senders as documents can have malicious code. 
  • Never send money or gift cards without verifying the recipient. 
  • Always keep your operating system, web browsers and software products up to date. 

Other tips on how to detect a potential scam: 

  • Poor syntax and/or grammar. 
  • An unspecified sender. 
  • Links that ask you to click onto a non-uky.edu address for “secure verification.” 
  • A fake reply address e.g., UKexecutive.uky.edu@gmail.comUKexecutive@yahoo.com, etc. 
  • Job offers that ask for payment up front. 

ITS asks for your help reporting any emails that you think may be phishing. Visit How do I report spam and phishing emails? in the Tech Help Center for recommended ways to report phishing. If you believe your personal information or UK account is at risk from a phishing attack, follow the steps at What should I do if I've fallen victim to a spam or phishing attack? Additionally, you can file a report via the FBI cybersecurity reporting link at www.ic3.gov

ITS offers lots of ways to stay educated about phishing, including courses offered in myUK Learning. Visit our #CyberSafeCats website at www.uky.edu/its/phishing for more. You can also sign up to receive ITS' monthly Phishing Newsletter via the sign-up form

If your department or team is interested in learning more about cybersecurity counter measures, the ITS Cybersecurity, Data Privacy and Policy team is available for consultations at cybersecurity@uky.edu

For 24/7 immediate assistance, please contact ITS Customer Services at 859-218-HELP (4357) or visit the Tech Help Center at http://techhelpcenter.uky.edu. For assistance with non-urgent matters, email 218help@uky.edu

The University of Kentucky is increasingly the first choice for students, faculty and staff to pursue their passions and their professional goals. In the last two years, Forbes has named UK among the best employers for diversity, and INSIGHT into Diversity recognized us as a Diversity Champion four years running. UK is ranked among the top 30 campuses in the nation for LGBTQ* inclusion and safety. UK has been judged a “Great College to Work for" three years in a row, and UK is among only 22 universities in the country on Forbes' list of "America's Best Employers."  We are ranked among the top 10 percent of public institutions for research expenditures — a tangible symbol of our breadth and depth as a university focused on discovery that changes lives and communities. And our patients know and appreciate the fact that UK HealthCare has been named the state’s top hospital for five straight years. Accolades and honors are great. But they are more important for what they represent: the idea that creating a community of belonging and commitment to excellence is how we honor our mission to be not simply the University of Kentucky, but the University for Kentucky.