What is phishing? What can I do if I receive a suspicious email message that I believe to be phishing?

Phishing emails continually target the U-M community, including students, faculty and staff at the College of Engineering. Criminals use malicious email messages to try to trick you into revealing your password or other sensitive information. Phishing email often uses urgent language, asks for personal information, and has grammatical, typographical or other obvious errors. Many phishing emails also ask the recipient to open an unsolicited attachment in an effort to infect the device with malware and gain access to information.

More about phishing

Many phishing emails have the following attributes:

  • Appear to be from a U-M address, but are not. The name in the From: line may appear to be the name of someone at U-M (perhaps spelled or formatted slightly differently), but the actual email address is usually not a @umich.edu address.
  • Appear to be copies of actual emails sent from University faculty, staff, or departments.
  • Contain unsolicited attachments that are malicious in nature—usually a Microsoft Office document. If opened, the attachment may install malware on the recipient's device.
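The first attribute above can be checked mechanically against a message's raw headers. The following is an added example, not part of the original article or any U-M tool; the display-name hint list and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAIN = "umich.edu"  # domain named in the article
# Assumption: words in a display name that imply a U-M sender (constructed list).
UM_HINTS = ("u-m", "umich", "university of michigan")

def is_trusted(domain: str) -> bool:
    """True for umich.edu and its subdomains, not for look-alikes
    such as umich.edu.example.org."""
    return domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)

def classify_from(raw_message: str) -> str:
    """Compare what the From: display name claims with the real address domain."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    if "@" not in addr:
        return "no-sender"
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if is_trusted(domain):
        return "umich-address"
    if any(hint in name.lower() for hint in UM_HINTS):
        # Name claims U-M, but the address is somewhere else.
        return "display-name-mismatch"
    return "external"

# Constructed sample messages (headers plus a one-line body).
SAMPLES = {
    "legit": "From: U-M ITS Service Center <its.help@umich.edu>\n"
             "Subject: Maintenance window\n\nbody\n",
    "spoofed_name": "From: University of Michigan Payroll <payroll@hr-portal.example.net>\n"
                    "Subject: URGENT: verify your account\n\nbody\n",
    "lookalike": "From: U-M ITS <its@umich.edu.example.org>\n"
                 "Subject: Password expiring\n\nbody\n",
    "unrelated": "From: Conference News <news@example.com>\n"
                 "Subject: Call for papers\n\nbody\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label}: {classify_from(raw)}")
```

A result of `umich-address` only means the From: line is consistent; the header itself can be forged, so the other clues in this article still apply.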

What you can do

  • Report the phishing attempt. If you receive one of these emails, send it to ReportPhish@umich.edu. Include the full original message with headers if possible. For example, in a Gmail message, click the three-dots icon to the right of the Reply arrow, and select "Show original."
  • Do not open any unsolicited attachment. If you are unsure about a particular message or attachment, contact the apparent sender by a method other than replying to see if the message is legitimate. For example, you might look them up in the MCommunity Directory and use the email address or phone number listed there.
  • Pay attention to warnings. If Google or other apps warn you a document or site is suspicious, don't open the document or click the link.
  • Do not reply to the email. See the U-M Safe Computing How to Spot a Spoof page for clues to help you identify a forged or misleading sender address.
  • Learn more about phishing at the U-M Safe Computing Phishing & Suspicious Email page, including the most recent phishing alerts at U-M.

What U-M does to address phishing

  • Providers of email at U-M (Google Mail, Michigan Medicine Exchange) routinely block spam and phishing attacks, but can never block all potentially malicious email.
  • U-M Safe Computing staff routinely report malicious senders to the appropriate service providers (such as Google, Yahoo, and so on). The service providers can then shut down the offending accounts.
  • U-M also shares and uses threat intelligence from across the Big Ten Academic Alliance (BTAA) to block known malicious websites and addresses.

Questions or Concerns?

Please contact the College's IT Security team at security@engin.umich.edu.


Article ID: 5257
Tue 5/4/21 1:01 PM
Fri 5/21/21 8:33 AM