You are seeing this page because you clicked a link in an email that wasn’t what it seemed.

Phishing emails entice you with attractive offers, or scare you with threats of loss, to trick you into visiting a malicious site and, often, handing over sensitive info. Had the email you received been an actual phish, clicking the link likely would have infected your computer or device with a "drive-by download". These malicious software programs are installed silently and attempt to steal your passwords, personal information, or even lock you out of your device.

If you suspect you've received a phishing email, forward it to postmaster@utexas.edu and notify your local IT staff.

Let’s learn how you can detect phishing attacks like these so you don’t get caught by a real attack.

Desktop

Several clues should lead you to think twice about the legitimacy of this email: its sender address, threats of immediate and dire consequences, and its lack of any links to legitimate UT websites. Let's look at the hard evidence:

Phishing message displayed on a desktop computer
  1. The sender may sound legitimate ("Post Master") but the sender's actual address ends in webaccess-email.com, which is not an official UT domain, such as utexas.edu.
  2. Angry red letters with urgent language are meant to convince you that immediate action is necessary.
  3. The message is not addressed to you but is instead addressed to a generic "UT Mail Box user".
  4. The body of the message is strangely worded and uses improper punctuation and capitalization. Most University communications are proofread and use standard grammar and English conventions.
  5. Hovering over this link with your mouse before clicking it reveals that it points to webaccess-email.com, which is not part of the University’s official utexas.edu web presence.
  6. There is no department called "Operational Technology" at the University.

Mobile

Several clues should lead you to think twice about the legitimacy of this email: its sender address, threats of immediate and dire consequences, and its lack of any links to legitimate UT websites. Let's look at the hard evidence:

Phishing message displayed on a mobile device
  1. The sender may sound legitimate ("Post Master") but the sender's actual address ends in webaccess-email.com, which is not an official UT domain, such as utexas.edu. On mobile devices, you may need to tap on the sender's name or tap a "Details" button to see the sender's actual email address.
  2. Angry red letters with urgent language are meant to convince you that immediate action is necessary.
  3. The message is not addressed to you but is instead addressed to a generic "UT Mail Box user".
  4. The body of the message is strangely worded and uses improper punctuation and capitalization. Most University communications are proofread and use standard grammar and English conventions.
  5. Long-pressing (tapping and holding for about one second) on this link before tapping it reveals that it points to webaccess-email.com, which is not part of the University’s official utexas.edu web presence.
  6. There is no department called "Operational Technology" at the University.

These clues should cast doubt on the legitimacy of the message. Always check with your technical support contacts, the UT Service Desk, or the Information Security Office before clicking links in suspicious emails, or providing information to suspicious websites.

Back to top