At the start of each academic year, we usually see a variety of attempts by scammers and other miscreants to try and steal your credentials, get you to give up money or personal information, or get you to run malware. This term is already up and running with a “Covid Test” phishing campaign.

Make sure that you treat unsolicited emails with skepticism. We have seen scammers trying to impersonate authority figures on campus or even your department – often with a bogus external email address. Be wary of emails that ask you for personal information, ask you to click on links that require you to provide login/password information, suspicious attachments and other telltale signs of phishing scams. OIT has a good page to help you recognize email scams:

Contact the CAT if you are unsure if a piece of mail is legitimate or not.

If you have identified a scam email, we suggest:

  1. Using Gmail in a web browser, mark it as phishing. This helps Google to better detect this type of attack. OIT has some instructions on how to do that:

  2. Forward it to

Let us know as well. We’d like to have warnings about suspicious emails that our users are encountering.