University of Oregon

Don't Get Phished!


Some Internet thieves send email messages to trick you in to giving them usernames, passwords, credit card information or other sensitive information. That's called phishing. Don’t get phished!

Winter break is a common time for scammers to contact you. Recently, the University of Oregon has seen phishing scams that look like they came from Blackboard or Human Resources. Be wary of email messages you receive during the break.

Recent phishing email messages have used these subject lines:

  • Blackboard Learn Access
  • Your Salary Review Documents 
  • Important Salary Notification 
  • Important Salary Update 
  • School Account Notificiation (sic)
  • Upgrade Notification 
  • Blackboard Learn : Important new course

If you are not sure if a message is valid, do not respond to the email or click on any links in the email. Instead, contact the Information Services Technology service desk at 541-346-HELP or

Tips to avoid getting phished

  • Be reasonably suspicious of email messages that demand urgent action or links to website that asks for your login information.
  • Don’t reply to email, text or pop-up messages that ask for your personal or financial information.
  • Don’t click on links in email messages even if it looks to be from an organization you trust.
  • Never give someone your DuckID and password via email, even if it is University of Oregon staff. UO staff will never ask for your password.

For more tips on phishing, see safely visit this webpage, type this web address into your browser.

What should I do if I get phished?

  • If you revealed your password or any other sensitive information in response to a phishing scam, immediately change your password for that account.
  • If you have other accounts that use the same or a similar password, change those passwords too.
  • If the scam involves UO usernames and passwords such as your DuckID or Duckweb credentials, email as soon as possible.