How to recognize and report a phishing attempt

Published October 7, 2021

UB students, faculty and staff are the frequent target of phishing attempts—it’s an unfortunate reality. Follow these steps to keep yourself, and your colleagues, safe from attempts to steal your personal information.


First: know how to recognize a phishing attempt

Phishing is an attack that comes in the form of an email, phone call or other communication, designed to trick you into providing sensitive personal information like passwords, credit card numbers, social security numbers and passport details.

Phishing messages often claim to be from an official source, even though they aren’t. There are several examples of fraudulent emails in recent months that claimed to come from the University at Buffalo.

These fake emails are sometimes very convincing. But there are almost always signs that an email is not legitimate:

·         Spelling and grammatical errors—usually many of them. That’s a pretty good sign the email isn’t official.

·         Links don’t go where they say they go—hover your mouse over a hyperlink in order to see where it really leads.

·         Not addressed to you—phishing emails usually start with Customer or User, rather than your actual name.

·         Asks for a quick response—something like “You must respond in 24 hours.” This is a tactic designed to make you act without thinking.

·         Threatens dire consequences if you do not respond—sometimes these emails claim all your emails will be deleted, or you will lose out on a substantial sum of money, if you do not respond quickly.

Remember that the University at Buffalo will never ask you for your password—to log into any online UB service, navigate to the official page yourself and log in from there.

You should also know that phishing is different from spam. Spam is usually unwanted or irrelevant messages sent for the purposes of advertising. UB has a separate process for dealing with and reporting spam messages.

Received a suspicious email? Forward it to

If you see a suspicious email in your inbox, you should immediately copy the email header (see below) and forward the message, along with its details, to

Once UB’s Information Security Office knows about a phishing attempt, they can act to shut down any fraudulent links in the email, block the sender from sending any more email to UBmail addresses, and let everyone know about the threat.

What is an email header? How do I copy it?

When you forward a suspected phishing attempt to, you should always copy the email header and paste it into the body of the email you are forwarding.

An email header contains critical information about the address where the email originated. Phishing emails often come from accounts that have hacked and are being used to make the message seem more legit, and harder to trace.

If UB knows that phishing messages are coming from UBmail addresses, UBIT can take steps to secure that account and stop future messages. UB will also notify other institutions if their email accounts are being used fraudulently to send phishing messages.

This process only takes seconds, and helps make everyone at UB safer.

I think I might be the victim of identity theft! What do I do?

If you believe you’ve been the victim of a scam, and your personal information has been stolen, visit—there you can report the scam, and make a recovery plan.

Where can I learn more about staying safe online?

The UBIT website has tips for secure passwords, protecting your device from viruses, and keeping your information safe on social media.