No legitimate business or organization will ask you to send your password, account information, social security number, or other sensitive data over email. NEVER respond to an email requesting personal, financial, or other protected information, even if it appears to be from UW, your bank, or another trusted institution.
One of the most common forms of a phishing attack in higher education environments is official looking emails claiming to be from the university’s technical support team and usually taking the form of a message asking for your user ID and password, with a threat of account deactivation if you fail to reply. These specifically crafted phishing attempts are primarily focused on gaining access to email accounts to enable them to send malicious emails to other systems with the appearance of coming