Recently, NAU experienced a particularly rabid phishing attack, timed for the beginning of the semester in an attempt to snag as many account passwords as possible. Fortunately, this time the malefactors gained little from their effort, but it's important to remain vigilant about any email that asks you to give up information, and if the information solicited is your password, then that is a clear sign that you are a target of a phishing attack. So let's review a few indicators that an email or its associated website are not what they claim.
If you received some email like this one shown below, we hope you reported it to your system administrator and then sent it to your recycle bin. If you responded and then filled out the web-linked form, well, it's time to review what a phishing scam is. Here's the bait:
Remember, no legitimate NAU entity will ever ask you for your password through an email. And that's not the only vector through which you might be attacked. Phishing can come through a phone call, a text message, or virtually any means of communication including personal contact.
Your personal identification and financial information (such as student account or payroll) might be at risk if an attacker gains access to your NAU accounts. Additionally, unauthorized access to your accounts may allow attackers to gain access to other NAU confidential information and cause further harm.
Students with questions about the legitimacy of an email may contact the Student Technology Center at (928) 523-9294, and employees may contact the Solution Center at (928) 523-1511. Report any phishing email you receive by following the instructions on this website, Email Phishing.
If you do become aware that you have inadvertently responded to a phishing email, please consider monitoring your financial accounts and credit report for indications of identity theft. The Arizona Attorney General's ID theft Web page is an excellent gateway to other resources on this subject.