We subscribe to services that monitor when UFV email accounts are exposed as part of a data breach. These breaches can and do occur regularly. Lately, several UFV employee email addresses have been used to create third party accounts, and several of these accounts have been reported as exposed. Exposed information often contains names, email addresses and, in some cases, passwords or other confidential data.
If you have been exposed as part of a data breach, you will be contacted by our cybersecurity team with details and next steps.
As a best practice, please refrain from using your UFV email address for 3rd party accounts and applications.
There have been numerous reports of phishing attempts that appear as emails from UFV employees. They are cleverly crafted using a UFV employee's name and email signature. Often, these messages are asking you for an urgent favor and/or to reply immediately. Examples of requests include reviewing an attachment or purchasing gift cards.
Pay close attention to the time the email was sent as they are often sent from early morning or late at night. The name in the 'From:' field may not match the email address.
Forward these phishing attempts to firstname.lastname@example.org, and delete them immediately. Do not respond or click any links.
There have been a number of recent email-based phishing attempts in which recipients are requested to provide their login credentials. While many of these campaigns look obviously suspicious, some have been very carefully crafted so as to appear to be genuine.
Please be advised that IT Services will never request users to divulge their login information via email. If you are the recipient of such an email request, please ignore it and delete it. If you suspect that you may have been a victim of such a phishing attempt, you should change your password immediately.
For more information about phishing and to learn how to protect yourself, check the ITS knowledgebase.
Ensure your accounts are secured with a strong password — at least 10 characters that include a combination of uppercase, lowercase, numeric and special characters. Be sure to use a different password for each online account. If one password is compromised, your other accounts are still protected. Keep your passwords to yourself, treat them like the keys to your home.