Protect Your URI Account

Phishing attacks attempt to steal passwords, MFA codes, and personal information through fake emails, websites, and login prompts. Protect your URI account by verifying unexpected requests before responding or signing in.

ITS will never ask for your password or MFA verification code.

Quick Security Reminders

  • ITS will never ask for your password or MFA code by email, text, or phone
  • Do not approve unexpected MFA prompts
  • Verify web addresses before signing in
  • Be cautious of urgent requests or unfamiliar senders
  • Report suspicious emails to ITS

Protect Yourself From Phishing

Do Not Share Sensitive Information

Never reply to emails, pop-ups, or text messages requesting passwords, MFA codes, or financial information.

Verify Links Before Clicking

Phishing links may appear legitimate but direct you to fraudulent websites designed to steal your credentials.

Be Careful With Attachments

Unexpected attachments may contain malware or malicious links.

Monitor Financial Accounts

Review bank and credit card statements regularly for unauthorized activity.

Report Fraud

If you believe you are the victim of a scam, visit the Federal Trade Commission’s fraud reporting website:
reportfraud.ftc.gov

Spear Phishing

Targeted phishing designed to appear trustworthy

Spear phishing is a very focused form of phishing in which a specific organization or business is targeted, with tailored information being used to lend legitimacy and encourage trust.

Spear phishing often involves sending emails to addresses within a company, posing as trusted contacts and requesting information that recipients may expect to share. Such attacks are often used to harvest names and email addresses for spam campaigns or additional phishing attempts.

Always verify the identity of the person you are communicating with over electronic communication channels. Consider establishing non-electronic verification for sensitive operations like sending or receiving money.

Common Signs of Phishing

Be cautious of messages that:

  • Ask for your password or MFA code
  • Create a sense of urgency
  • Contain unexpected attachments or links
  • Ask you to verify account information
  • Come from unfamiliar or spoofed addresses

How to Report Phishing at URI

If you receive a suspicious email, report it using the Proofpoint “Report Suspicious” tool.

View instructions for using the Proofpoint “Report Suspicious” tool.

  • Never forward a phishing email to others.
  • The “Report Suspicious” tool will evaluate your submission and, if necessary, forward it to the security team for analysis.
  • You will receive a determination once the message has been analyzed.

If you believe you’ve already been impacted by a scam, contact URI Information Security directly at security@uri.edu

Be Cautious of Unexpected MFA Requests

If you receive a Duo or Microsoft authentication request that you did not initiate, do not approve it. Unexpected MFA prompts may indicate that someone is attempting to access your account.

If this happens repeatedly, change your password immediately and contact the ITS Help Desk.