The campus has recently been targeted by malicious emails that appear to be attempts to steal personal information with the promise of COVID-19 assistance payments. One such phishing email directs recipients to a malicious website that collects information like social security numbers, credit card numbers and other personal information. These emails are not authentic. If you receive one, do not click on the links in the email. Individuals who received this email should simply delete the message.
If you submitted personal information to the malicious website, please call the IT Service Center during normal business hours at 303-735-4357. If you contacted the IT Service Center about this issue via email, there is no need to call the Service Center. Someone will follow up with your shortly. For more information on the IT Service Center, including hours, visit https://oit.colorado.edu/support/it-service-center.
Following is a sample message:
___________________________
Subject: Re: COVID-19 Support Program
In response to the current hardship in the community due to the COVID-19 pandemic, The University of Colorado has decided to support all employees and students to get through these hard times.
The University of Colorado will be awarding $2,300 in assistance to employees and students as COVID-19 support, starting from today, Monday, June 28, 2021.
Visit the University of Colorado COVID-19 Support has been removed page and fill in the form correctly with the most appropriate details to register.
Note: This COVID-19 Support Program is Powered by Green Dot Corporation and The University of Colorado to help support employees and students experiencing financial hardship. Supporting the community is essential during these challenging times.
All the information requested is required for your application to be successfully processed.
Sincerely,
[sender’s name has been removed]
The University of Colorado
COVID-19 Support Program
___________________________
Be Aware
- The university will never send email asking for private data (e.g. passwords, SSNs, credit card numbers, etc.) Always be suspicious of messages asking for private information.
- If you ever receive a suspicious email, do not reply or click any links or open attachments.
- You might receive a phishing email from someone you know, particularly if that person’s account has been compromised through a phishing attack.
- It’s good practice to never click a link in an email. Instead, open a web browser and type the website address or search for it using a legitimate search engine.
Learn More
Although the university uses technology to block malicious emails and phishing websites, this technology is no substitute for being a conscientious Internet user. You can report messages that you believe might be phishing attempts by going to OIT's Report Suspicious Messages page. There you will also find a link to a site that lists recently reported phishing attempts.
If you ever have questions about the legitimacy of a message, you are welcome to contact the IT Service Center at oithelp@colorado.edu or 303-735-4357. Email and phone help is available Mondays through Fridays 7:30 a.m. to 10 p.m. Learn more about the IT Service Center.