It’s always phishing season — Don’t take the bait

There has been an increase in UF Health employees falling prey to online “phishing” schemes this year. UF Health IT recently logged more than 300 instances, in a single day, where employees clicked on a phishing link.

Phishing is a common way for hackers to gain personal information, usually through email messages.

Cyber attackers often send a convincing email pretending to be a trusted friend, colleague or a representative from an organization you trust, like your bank, a charity or even the UF Health Help Desk.

These emails often ask for an immediate action, like logging into a website or submitting your username and password in a reply.

Imposter emails have come from employee accounts in the UF Health system, some even from the email accounts of our leaders. The emails look real.

How can you tell if you’re a target of a phishing scam?

Take action!
Stop phishing before it starts.

  • Do not click any links or respond to any emails asking for your personal information or credentials.
  • Only open attachments you are expecting.
  • No legitimate IT, banking, brokerage, social networking or shopping site will ask you to share personal information in an email.
  • Legitimate UF Health emails will never ask for personal information via email.
  • Be suspicious of any unexpected emails (even from a trusted colleague or friend). Look for emails that require immediate action, start with a generic salutation, ask for personal information or have grammar and spelling mistakes.

Call UF Health IT if you see anything suspicious: 352-265-0526.