Main Navigation

Students face increasing phishing and other cyberattacks

Changing your password may not be enough to protect your data.
Information Security Office

The University of Utah’s Information Security Office (ISO) has reported a sharp increase in phishing and other types of cyberattacks targeting university student accounts, which have resulted in a growing number of compromised uNID accounts.

The attackers are using phishing and social engineering to gain access to users’ uNID login information, including obtaining the answers to account security questions.

The phishing attacks often impersonate U faculty, staff, students, or organizations to obtain a person’s uNID and password, usually through an email asking the user to verify their account details with a link that redirects to a fake login screen. The social engineering attacks involve manipulating users into performing actions (e.g., buying gift cards) or divulging confidential information.

In addition to obtaining users’ personal information, recent attackers have used a combination of phished and socially-engineered information to reset user passwords, allowing the attackers to keep using compromised accounts even after the password has been changed.

To protect yourself against phishing and other cyberattacks, please help educate your users so they use these IT security best practices:

  • If you’re not already doing so, use multifactor authentication for your university and other online accounts. Students are strongly encouraged to proactively begin using Duo Security two-factor authentication (2FA), available at no cost, to better secure their uNID accounts.
  • If you believe you’ve been the victim of a phishing attempt or other cyberattack through your uNID account:
    • Forward the suspicious email as an attachment to phish@utah.edu.
    • If you opened a questionable link or answered a suspicious email and divulged your login credentials, answers to your security questions, or other sensitive information, immediately go to CIS and change your password, then call your central IT help desk to report the attack:
      • Main campus, 801-581-4000, option 1
      • University of Utah Health, 801-587-6000
    • Students whose accounts have been compromised will be required to begin using Duo 2FA. Employees are already required to use Duo for their uNID accounts.

MORE ANNOUNCEMENTS

Two U professors selected as 2024 AAAS Fellows

Amy Barrios and H. Joseph Yost of U of U Health honored ro their research and commitment to mentoring.

Read More

Red Butte Garden Arbor Day celebration

A day of events for all dendrophiles!

Read More

Stress Busters Week spring 2024

From art projects to food to study resources, there is something for everyone!

Read More

2024 Bench 2 Bedside winners

This year’s student winners developed a novel syringe accessory to prevent adhesions that may occur in mothers during a caesarian-section surgery.

Read More

New ‘Innovate U’ website showcases the U’s cutting-edge research and discoveries

Now there’s a streamlined website and an easy way to find out what innovations the University of Utah and its students, faculty, staff and community are working on.

Read More

Academic Senate meeting on April 29

Join the Academic Senate meeting on April 29 from 3-5:30 p.m.

Read More

Sonic Blossom

This special participatory artwork by Taiwanese-American artist Lee Mingwei is on view now through May 5, 2024. 

Read More

Get your tickets for the 2024 Grand Kerfuffle

Headlining at the 2024 Grand Kerfuffle is David Kushner with opening performances by Aijia and Jim & Sam.

Read More

Red Butte Garden announces its 2024 Outdoor Concert Series

The Red Butte Garden Amphitheatre offers an outdoor concert experience like no other.

Read More