By Office of Information Security
The UT Health San Antonio community is being advised to watch out for phishing scams that have been on the rise.
There has been a significant increase in texts and phone calls attempting to scam recipients into buying gift cards, paying phony bills, wiring funds, even giving to a charitable cause.
These phishing scams appear to come from a colleague, peer, supervisor, department chair or institutional leader.
“CEO phishing”, is a form of Business Email Compromise (BEC), when an attacker spoofs the email address of the CEO or institutional leader and poses as them in an email.
The email indicates urgency in the subject line or in the body. The majority of these scams don’t contain a link, so it’s difficult for automated security systems to detect them.
In the message, they may ask an employee for personal information (like a cellphone number) and request they take some action involving a financial transaction like transferring money or transmitting confidential or financial information.
Wording examples of business email compromise attacks:
“Please contact me to finalize the deal I’ve been working on.”
“This needs to be done by the end of the day.”
“Please make the payment ASAP at this “link.”
“Please send me the account and password. I am locked out.”
“URGENT. I am in a meeting and can’t step out…send me your phone number so I can contact you ASAP.”
Key points to help identify these attacks:
If you get an email or urgent request from someone in leadership asking you to make a payment or send confidential or personal information make sure to stop, question it and pause before acting.
If there is any doubt about the communication then directly contact the person who sent the email (in person, if possible) or contact them through another known, previously used channel (phone number) in order to confirm if the email is legitimate.
Verify any communication that requests:
- For passwords, verification codes, or secret answers.
- For your personal or university payment details (credit card numbers, bank details, and so on).
- To follow a link to sign in to a bank account.
- To donate to any charity that is not through the once yearly and widely publicized state employee charitable campaign.
If you receive suspicious emails or texts, don’t respond to it, click on any live links, or forward it to peers.
Report suspicious emails to spam@uthscsa.edu or use the Phish Alert button in Outlook.
If there is a phone number associated with a suspicious text or voicemail, send that number with a brief description to infosec@uthscsa.edu and delete the message.
For more information, visit https://infosec.uthscsa.edu/phishing-prevention.