Skip to main content

Information Security Office


Beware of phishing attempts through fake email 

Phishing is when criminals send specially crafted email messages in order to get users to give up their usernames and passwords, or other personal information. Their goal is to obtain access to your accounts, often to send spam from compromised email accounts, but also to acquire access to bank accounts or information useful for identity theft. The messages direct recipients to click on a link or reply by email and confirm their username and/or password. 

These deceptive email messages are not always possible to block so use caution with unusual messages. Phishing email and regular email appear similar. See an example.

When you receive questionable email, examine the "From:" address and the "Reply-to" address. Most of the phishing email are sent from external email addresses, such as,, but can also come from other institutions where an email account has been compromised. Sometimes the email appears to come from a email address but in actuality it has been "spoofed" (impersonated).

Always be cautious of links in suspicious email messages, which may go to an illegitimate website or a fraudulent login page. In some cases, these links may lead to malicious software (viruses, trojans) that can infect your computer.

The following are tips on how to avoid falling victim to phishing schemes:

  • Always remember UT Arlington staff will never request that you submit your passwords via email.
  • Do not provide your NetID and password in email.
  • Do not respond to emails that require you to enter personal or financial information directly into the email.
  • Do not reply to emails that ask you to send personal information.
  • Do not respond to emails threatening to close your account if you do not provide personal information.
  • Contact the OIT Helpdesk at 2-2208 if you are unsure about an email asking for personal information.
  • Send a copy of the message to the Anti-Phish Response Team (
  • If the message comes from someone familiar but looks odd, contact that person directly via phone to verify the contents.

If you've fallen victim to a phishing scheme:

  • Go to to change your password and security questions immediately if you have submitted information about your password.
  • If your password is the same on other websites, change them there too.
  • Inform the Information Security Office.