Image of hooked credit card with text: Be Aware Phishing Attack Can Occur Daily. This has been a drill supporting the research of Dr. Baily's NSRG and coordinated by Technology Services.

Phishing Drill

  • The email you received was a test written by Dr. Baily's NSRG and sent from an off-campus server coordinated by Technology Services.

  • This was a look-a-like website designed to mimic real attacks seen on campus.

  • Because this was a university research driven drill, your password was not actually stolen and does not need to be changed.

  • Phishing and compromised accounts are a major risk to campus operations and research.

  • Review the information found below to learn about identifying phishing attacks.

Phishing Information

Everyone is at risk including Deans, Faculty, and even IT Professionals. Technology Services in partnership with Professor Bailey's research group are running these phishing tests to gage the risk the university faces and assist researchers in identifying effective forms of phishing and mitigation.

As a part of this campaign you were phished and like many others fell victim to the attack. In the case of an actual phish attack your information could be used to perform identity theft, steal paychecks, and be used to negatively impact the university's teaching and research mission. 

Please Review the following information about recognizing phishing and preventing it in the future.

Five Tips on How to Identify a Phishing or Spoofing Email


Visually Verify the From Address

Probably the easiest way to identify if an email is legitimate or not, is to simply hover your mouse arrow over the name in the From column. By doing so, you will be able to tell if the email is from a recognizable domain that is linked to the actual sender name. For example the sender’s email address is the name of a legitimate company + common email provider such as uofi@hotmail.com then it is likely a phish.

Are the URLs legitimate? 

It is best practice to not click on links. Instead open a new window and go to the site directly without using the email link provided in an email. If the link is from the university look to verify it first by contacting the sender directly or verifying the information with your local IT pro or Technology Services helpdesk.

Request for personal information

Banks, stores, credit cards, and the University of Illinois will never ask you for sensitive information (passwords, account numbers, credit card numbers, etc.) over email. Emails that asks you to “update your account” by clicking on a form and entering your password, credit card number, or account number are likely phishing and should be deleted and reported immediately. 

Urgent/Too good to be true

If an email seems too good to be true, it most likely is. Be cautious with any message offering to place money into your bank account by simply “clicking here”. Also, if the content places any kind of urgency as far as “you must click into your account now”, it is most likely a scam and should be marked as “junk”.  Any requests from the university should be verified via your local IT pro, helpdesk, or another method beyond email.

Suspicious attachments

Verify that you were expecting information from a sender before opening it. Random attachments are often the vector for malware. If you are suspicious contact the person who sent you the data via skype, phone, or another platform to ensure they intended to send you the attachment.

(EXAMPLE of PHISH EMAIL showing the 5 elements above)

Frequently Asked Questions regarding Phishing or Spoofing Email

How would I know if my University credentials were compromised?

You may not always know. Scams and malware that steal passwords are designed to be stealthy and unnoticed.

Passwords are most frequently compromised one of three ways:

  • Being tricked to giving up your credentials at a real-looking but scam website (aka Phishing)
  • Malware or other compromise of your device which installs software designed to run in the background and steal passphrases
  • Re-using University credentials for non-University websites, and the non-University websites are hacked and all credentials exposed

Who do I contact if I think my University credentials were compromised?

If you believe your University credentials have been compromised, you must reset your University passphrase immediately.

Contact the Technology Services Helpdesk: consult@illinois.edu

What if my personal email account, bank account, or other accounts were compromised?

Immediately change your passwords for any potentially compromised accounts

Contact your bank or financial advisor to let them know your accounts may be compromised and ask them to put a fraud alert on your accounts

Check your bank and financial statements and credit reports to regularly to identify any false charges or suspicious activity

How do I report a Phishing or suspicious email?

 If you receive an email you are not sure about, forward the suspicious email -- don't reply -- to report-spam@illinois.edu. More information can be found at: https://answers.uillinois.edu/illinois/page.php?id=50007 

Do I only need to worry about Phishing attacks via email?

Phishing attacks can also occur through phone calls, texts, instant messaging, or malware on your computer which can track how you use your computer and send valuable information to identity thieves. It is important to be vigilant at all times and remain suspicious of sources that ask for your credentials and other personal information