Phishing & Scams

Criminals invent increasingly sophisticated ways to steal passwords or sensitive information.

Phishing is when criminals use malicious email and websites to try to trick you into revealing your password or other sensitive information; or infect your computer with malware. Ransomware is often initiated through a phishing email and utilizes malware.

Scams can vary in the way they are carried out, but their purpose is to try to steal passwords or other sensitive information. Scammers use methods such as robocalls, fake customer service, texts or popups to initiate contact with you.

Report Phishing

Google at U-M users can forward phishing email to [email protected]; include what Google calls the original message. Michigan Medicine Outlook/Exchange users can use a Report Phishing button. For details, see Report Phishing.

If You Get Caught

If you gave personal information in response to a phishing email or on a suspicious webpage, your account may be compromised.

  1. Change your UMICH (Level-1) password
  2. Follow the instructions at What to Do if Your Account May Be Compromised.
  3. Carefully review any online account that became vulnerable as a result of responding to the message.

Not a Phish

Why It's Important to Be Aware