Federal Student Aid Office Warns of Phishing Emails
LEXINGTON, Ky. (Sept. 9, 2020) — COVID-19 has brought with it many challenges and an increased reliability on technology to connect and communicate. Unfortunately, many hackers are taking advantage of this increased use in technology. The Federal Student Aid Office of the Department of Education is reporting an increased number of ransomware attacks targeting higher education institutions. These ransomware attacks typically start with phishing attacks and can lead to loss of personal information, financial information and data.
Phishing attacks are malicious emails that aim to trick the recipient in order to collect sensitive information.
University of Kentucky Information Technology Services (ITS) asks that you do all of the following in order to better protect yourself.
- Never click links in emails from unexpected and/or unfamiliar senders.
- Never open attachments from unexpected and/or unfamiliar senders as documents can have malicious code.
- Never send money or gift cards without verifying the recipient.
- Always keep your operating system, web browsers and software products up to date.
Other tips on how to detect a potential scam:
- Poor syntax and/or grammar.
- An unspecified sender.
- Links that ask you to click onto a non-uky.edu address for “secure verification.”
- A fake reply address e.g., UKexecutive.uky.edu@gmail.com, UKexecutive@yahoo.com, etc.
- Job offers that ask for payment up front.
ITS asks for your help reporting any emails that you think may be phishing. Visit How do I report spam and phishing emails? in the Tech Help Center for recommended ways to report phishing. If you believe your personal information or UK account is at risk from a phishing attack, follow the steps at What should I do if I've fallen victim to a spam or phishing attack? Additionally, you can file a report via the FBI cybersecurity reporting link at www.ic3.gov.
ITS offers lots of ways to stay educated about phishing, including courses offered in myUK Learning. Visit our #CyberSafeCats website at www.uky.edu/its/phishing for more. You can also sign up to receive ITS' monthly Phishing Newsletter via the sign-up form.
If your department or team is interested in learning more about cybersecurity counter measures, the ITS Cybersecurity, Data Privacy and Policy team is available for consultations at cybersecurity@uky.edu.
For 24/7 immediate assistance, please contact ITS Customer Services at 859-218-HELP (4357) or visit the Tech Help Center at http://techhelpcenter.uky.edu. For assistance with non-urgent matters, email 218help@uky.edu.
As the state’s flagship, land-grant institution, the University of Kentucky exists to advance the Commonwealth. We do that by preparing the next generation of leaders — placing students at the heart of everything we do — and transforming the lives of Kentuckians through education, research and creative work, service and health care. We pride ourselves on being a catalyst for breakthroughs and a force for healing, a place where ingenuity unfolds. It's all made possible by our people — visionaries, disruptors and pioneers — who make up 200 academic programs, a $476.5 million research and development enterprise and a world-class medical center, all on one campus.
In 2022, UK was ranked by Forbes as one of the “Best Employers for New Grads” and named a “Diversity Champion” by INSIGHT into Diversity, a testament to our commitment to advance Kentucky and create a community of belonging for everyone. While our mission looks different in many ways than it did in 1865, the vision of service to our Commonwealth and the world remains the same. We are the University for Kentucky.