LEXINGTON, Ky. (June 15, 2017) — The University of Kentucky issued an email yesterday to faculty, staff and students warning of a phishing email. The message is below:
Several UK employees have received false emails regarding merit increases and 2017 salary allocation guidelines. The email links to a very convincing website that is not a University of Kentucky website (screenshot above). Please be assured that any email asking for your bank account number is a phishing scam. UK will NEVER ask you to provide your bank account information via email.
We ask that you share this warning and remind colleagues not to provide information or click on links or attachments in emails that are unexpected and from unfamiliar people.
Some types of phishing emails ask you to click on a link to open a web page for “validating” your information. These links can be disguised to appear to be sent from a uky.edu domain website, but they actually open a site from a non-UK-affiliated website. Clicking on these links may inflict a “drive-by” infection on your computer, causing your personal information to be compromised and requiring a rebuild of your computer. More information on how to protect yourself can be found here.
What to do if you have replied to a phishing email:
• Change your password immediately via the UK Account Manager (http://password.uky.edu).
• Call ITS Customer Service at 859-218-HELP (4357) if you need additional assistance changing your password.
How to detect a potential scam:
• Poor syntax and/or grammar within the message
• An unspecified sender
• Links that ask you to click onto non-uky.edu addresses for “secure verification”
• A fake reply address e.g., firstname.lastname@example.org (UK does not have a chancellor)
If you are in doubt about the validity of an email message, please contact ITS Customer Service at 859-218-HELP (4357) or 218HELP@uky.edu.