IT Announcements

Did You Know? Scammers are Impersonating University Officials

January 25, 2025

Phishing emails and other electronic scams are becoming more frequent; in recent weeks, the Security team has received multiple reports of fraudulent document-sharing attempts. In this attack, a document will be shared with UA users, supposedly requesting action by a supervisor or trusted member of the UA community.

Here is a sample of this email sharing a fraudulent Microsoft form :
 Memry Dahl invites you

And an example of a fraudulent file share from Google:
an example of a fraudulent file share from Google

While both of these examples take advantage of legitimate services like Google and Microsoft, the accounts do not match up with an @alaska.edu address, and the shared file is meant to trick you into divulging your password or other information.

How can you tell?

  • The name and email of the sender do not match the name of the UA affiliate
  • In some cases, there is a cautionary note on the invitation stating that the sender is not part of our organization
  • The message contains links or attachments that are unexpected:
    Note this Microsoft form, supposedly from our Chief Human Resources Officer, contains a link to a website with a Russian (.ru) domain
    Note this Microsoft form, supposedly from our Chief Human Resources Officer, contains a link to a website with a Russian (.ru) domain.

What should you do?

Whenever you receive an email that seems phishy, take a moment to verify the source:

  • Emails from HR or Payroll will always come from someone with an “@alaska.edu” email address, or a trusted vendor the University has already communicated about
  • Reach out! Pick up the phone or use an authorized messaging feature (Google Chat or Microsoft Teams) to verify the information before acting. Never rely solely on the contact information in the email.
  • In cases where the email is actually from Google but the account is impersonating a valid user, it's best to click on "block the sender" from Drive, which is linked in the invitation.
  • When in doubt, forward emails that seem “phishy” to ua-phishing@alaska.edu; we will take a look and take action if necessary.


If you interacted with an email like this and entered your login and password, please change your password via ELMO immediately!

As always, contact your local Service Desk if you need assistance:

 

UAA 

or call 907-786-4646

UAF & SO (OIT) 

or call 907-450-8300

UAS 

or call 907-796-6400