Skip to main content
Skip to main content

IT Division - News

Phishing Scams


Email and Phishing scams are a way of life in the digital world we rely so heavily on today.  While WKU’s email filters catch and block a large number of these types of emails, they cannot all be blocked. The best defense is user knowledge and wariness. The simple rule is “Do not respond to, download files from, or click on links within any unsolicited email from a sender you do not know”.  If you are unsure about any email to which you are tempted to respond, contact the IT Help Desk for help verifying authenticity. Recently, there have been a number of email scams sent to WKU email users which promise money for “work from home” or “acting as a secret Walmart Shopper”, etc.  These typically want you to send money after they have sent you a fake check or counterfeit money order payment. These are scams that you should delete.

Phishing scams try to lure you into giving up your username, password, or other sensitive information by masquerading as someone you know and trust. They may ask you to click a link, open an attachment, or reply with your personal information.

The most common phishing attack we see is an attempt to steal WKU usernames and passwords. The email may claim to be from the IT Helpdesk and even include a WKU logo to appear more convincing. It may insist you “update” your account by clicking a link, which actually leads to a malicious login page.

If an attacker can convince you to enter your username and password, they can gain complete control of your account. They can then read your email, send malicious messages posing as you, and potentially access other University systems using your identity.

Is it Phishing?

  • Be suspicious of email that is “Urgent” or requires “Immediate Action”.
  • Be suspicious of attachments and only open those that you were expecting.
  • Be suspicious of email from a friend or colleague that looks odd or out of place.  If their email account has been compromised by an attacker, it could be used to send phishing email.
  • Examine from “From:” email address.  Often the “Display Name” will say something that looks familiar, but the underlying email address (with the “@” sign) is obviously foreign or nothing you recognize.
  • Examine the underlying URL on any links.  Regardless of how the link is labeled in the email, the underlying link on a Phish email will usually not be a “” address.  

If you receive a phishing email, you should delete it.  To notify IT, you can forward the email to

If you have any questions, please contact the IT Helpdesk.

Latest Headlines
Wireless Direct and Personal Printers
Cisco Phone Implementation Nearing Completion
New Ogden College Hall Opens for Spring 2018

The newly completed Ogden College Hall opened on the first day of the Spring term for 2018. The official dedication of the building, which replaces Thompson North Wing, will be 2/19/18. The WKU community is invited to attend the dedication.

Featured Articles

No Featured Articles for this category

Note: documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view,
download Adobe Acrobat Reader.

Note: documents in Excel format (XLS) require Microsoft Viewer,
download excel.

Note: documents in Word format (DOC) require Microsoft Viewer,
download word.

Note: documents in Powerpoint format (PPT) require Microsoft Viewer,
download powerpoint.

Note: documents in Quicktime Movie format [MOV] require Apple Quicktime,
download quicktime.

 Last Modified 9/25/14