Ask Us logo

Quick Links

Phishing at UH

What is phishing (pronounced "fishing")?

From Wikipedia: phishing is "the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication."

Phishing is usually implemented via email or instant messaging but any electronic messaging system may be used, e.g. Twitter. Phishing emails are usually spammed (sent via bulk, unsolicited email) or could be targeted to a specific organization or group. After obtaining usernames and passwords, cyber criminals could impersonate the owner of the compromised account, steal confidential information, send more spam, and commit other criminal activities.

If you receive phishing email (which may look authentic and legitimate) requesting sensitive information (e.g. usernames, passwords, email addresses, bank account numbers, date of birth, etc.):

  • DO NOT REPLY to the email. Replying (even to tell the spammer to stop) tells the spammer that your email address is valid.
  • DO NOT PROVIDE any sensitive information, especially if the email is unsolicited or from an unknown user.
  • DO NOT CLICK on any links/images/attachments contained in the phishing email. Malware may be downloaded and installed on your computer.

After a targeted phishing email is reported, Information Technology Services (ITS) may choose to implement protective measures such as:

  • investigating new phishing attempts
  • blocking the email address from sending to UH
  • blocking the reply email address from receiving from UH
  • contacting users who replied to the phishing email before it was reported and blocked
  • blocking access to suspicious websites that are linked within the phishing email
  • posting new phishing email on the Security Alerts website at

Please go to under the Security Alerts section to check for the latest phishing attacks targeting UH usernames.

If you would like to receive phishing notices by email, go to and subscribe to our phishing-alert email list.

General guidelines for reporting spam/phishing

More information

What is ITS doing about spam?

What can I do about spam?

Spam at the University of Hawaii

Security (or lack of it) on the Internet (Spam and Phishing)

Please rate the quality of this answer: Poor Fair Okay Good Excellent
Not the answer you were looking for? Try different keyword combinations and if you still can’t find your answer, please contact us.
Article ID: 966
Created: Tue, 24 Feb 2009 1:36pm
Modified: Thu, 12 Jul 2012 11:34am