Phish Bowl
Ninety-one percent (91%) of all cyberattacks start with a phishing email. Identifying and reporting phishing email is a vital step in protecting the UNM Community. This page contains a list of phishing campaigns that are known to impact the University. If you get a suspicious email but don't see it listed here, DO NOT assume it is safe - there are many variants of every phish, and new ones are sent each day. When in doubt, report spam and suspected phish.
Clues to help you recognize a phishing scam:
- Requests for your username and/or password – credible institutions and organizations will not request personal information via email
- Plays on human emotions to evoke sympathy, kindness, fear, worry, anxiety, or excitement
- Vague or missing information in the “from” field or email signature
- “To” field contains multiple random email address or is alphabetized
- Time sensitive threats (e.g., your account will be closed if you do not respond immediately)
- Links that don't refer to the sender or sender's organization
- Unexpected files or downloads
Report suspected phishes to the ISPO's Information Security Operations area
To report phishing email and junk email, please use the 'Report Message' feature in LoboMail.
For more information, see FastInfo #3266: What is Phishing?