connect. communicate. collaborate.
  • Home
  • SECURITY ALERT: Phishing emails focus on returning to workplace

SECURITY ALERT: Phishing emails focus on returning to workplace

Criminals are targeting remote workers with fake emails about returning to work, according to the KU IT Security Office (ITSO). While KU doesn’t appear to have been targeted yet, it is possible that KU faculty or staff may receive these emails in the future.

The fake emails appear to come from an internal department and purport to provide information on returning to the workplace. The emails may include safety protocols and require that employees acknowledge receipt of the message by completing a form. The email may include an attachment or links to a fake web page that impersonates the organization’s internal messaging system and human resources department. The intent of the phishing email is to steal your login credentials.

To protect yourself, make it a habit to closely check the “from” address on emails you receive, especially those that ask you to take action by opening an attachment or clicking a link. Criminals trick recipients by including the name of a legitimate organization in fake email and web addresses. The email address or link may look real at first glance, but closer examination shows it is fake. For example, a fake “from” address may be represented as "KUHRdept@gmai.com" or  "hrdept@ku.edu.ly"

What should you do?

Microsoft Outlook provides a new way to report suspicious or spam emails. Beginning Monday, Dec. 14 in your Outlook ribbon, you will see a “Report Message” button in the desktop client or a “Junk” button when accessing email online. Clicking on the button opens a menu with options to report “Junk” (spam) or “Phishing” messages.

Outlook desktop client:
View of Outlook client ribbon showing Report Message option


Office 365 Outlook in web browser:
View of Junk button in Outlook web browser


We encourage you to use this self-service option in Outlook to report suspicious or spam emails, as it provides the fastest way to block harmful and annoying messages.

Note: If you click on a link or open an attachment in a suspicious email, we encourage you to contact ITSO immediately at abuse@ku.edu.

To learn more about how to spot malicious emails, visit Stay Safe Online by the National CyberSecurity Alliance. If you have questions or concerns about email protections at KU, contact the IT Security Office at itcsc@ku.edu.


KU IT on Twitter  KU IT on Facebook  KU IT on Instagram

Technology Help

Call KU IT Customer Support

785-864-8080
Phone support
Multi-factor authentication and password reset help 24 hours a day.

Email KU IT Customer Support

itcsc@ku.edu
Support via Email

Faculty/Staff Support

Faculty/Staff Support
Technology Support Centers

KU IT Knowledge Base

Knowledge Base
FAQs & More

Submit Help Ticket

Submit Help Ticket
Online Help

Call KU IT Customer Support

913-626-9619
Phone support

Email KU IT Customer Support

kuec_support@ku.edu
Support via Email

KU IT Knowledge Base

Knowledge Base
FAQs & More

Request Edwards IT Support

Request Edwards IT Support
Online Help

Comments or ideas on how we can serve you better? Send us your feedback!

KU Today