Phishing attacks

In the last several weeks, the UI campus has been a target of many phishing scams that try to steal a user’s HawkID password. A number of those phishing scams have been emails that are made to appear as though they are coming from the library and inform users that their library account is expiring due to inactivity. The scam then goes on to tell the user that they need to successfully login in order to reactivate their account. When they do, their HawkID and password are captured by the scammers.

Because of this the UI Libraries has become more proactive at trying to identify compromised accounts before proxy access is denied by the vendors. We are encountering compromised HawkIDs that are using the proxy server almost on a daily basis. So, as a reminder, the UI Libraries will never ask for a user to verify their HawkID and password via an email.

To counter these scams, the Libraries has temporarily turned off an auto-login feature that was configured on our proxy server for Eduroam access. For the time being, anyone coming from the campus wireless network will have to sign on to the proxy server in the same manner as they would if they were located off-campus.

Updated: 06/15/2017