Recognizing Phishing Attempts
Phishing is ever-evolving, but some key things to look out for:
Email address doesn’t match the sender.
For example, the sender’s name appears as “President Taylor”, but the email address is “imprestaylor@somedomain.com”, or another address not officially associated with the person. University business is required to be done through University channels and so emails should be coming from a utah.edu account
Urgency
A common tactic is to make the recipient feel a sense of urgency. “Your account is about to expire. Immediate action required!”
Take a breath.
Sudden Contact in an Unlikely Manner
Again, this tactic usually creates a sense of urgency. “Can you call me now? I need to ask you something.”
Take a breath. How likely is it that the person supposedly making contact would address you in that way? What address or number are they asking you to use? Is it different than their University contact information?
Link URLs Don’t Match Text
Hovering over a link in the email shows the target URL is different than what the text indicates. For example, the text reads “Login to your uMail account” and the link target points to an unfamiliar domain, not associated with the University of Utah or its email provider.
Reporting Phishing Attempts
There are a few ways to report phishing attempts to UIT.
Outlook Application
- Highlight the suspicious message
- Select the “Phish Alert” button from the menu toolbar (this is typically under the ellipsis, but may be directly in your toolbar depending on your settings)

- Complete the form and click “Submit”
OWA (www.umail.utah.edu)
- Highlight the suspicious message
- Select the “Phish Alert” button from the menu toolbar
Apple Mail
- Right- or Control-click on the suspicious message
- Select “Forward as Attachment” from the contextual menu
- Enter “phish@utah.edu” in the “To:” field and send.


