͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­   ‌
System Offices Massmail
     
   

Security Alert – Social Engineering Attempt Targeting Employees via Text Message
May 19, 2025 10:02 AM

Dear colleagues,

We are making you aware of a recent social engineering attempt targeting employees via text message.

The messages are similar to this:

"Hi , let me know if you received my text. - Thanks, "

Please be aware that these messages are not legitimate. This is a fraudulent attempt to impersonate university leadership and solicit responses from unsuspecting recipients in order to bypass existing information security protections.

How to protect yourself:

  • Verify before you respond: If you receive unexpected messages that appear to be from university leadership or colleagues, confirm the purported sender’s identity through official communication channels (e.g., email, campus directory).
  • Do not click links or reply: Avoid clicking on links, replying (even if the message request that you “text STOP” to end message), or providing any personal or sensitive information via text.
  • Look for red flags: Generic greetings, unexpected requests, urgency, or unusual communication methods (like personal texts) are common smishing tactics.
  • Report suspicious messages: Forward any suspicious texts to 7726 (SPAM). This helps your wireless provider spot and block similar messages in the future. If the message appears to come from within the university, please email your cybersecurity office with the content of the message, the phone number it came from, and when you received it. Cybersecurity offices: Chicago security@uic.edu, Springfield security@uis.edu, Urbana-Champaign/System Offices security@illinois.edu, UI Hospital: uihealthiso@uic.edu
  • Make sure your smart device OS and security apps are updated to the latest version.

The University of Illinois System and its universities, including but not limited to leadership, police, HR, IT, or helpdesks, will never request sensitive information or urgent actions via unsolicited text messages or non-official communication channels.

Your vigilance is crucial in keeping our university community safe from cyber threats.

Additional resources:

University Cybersecurity Offices: ChicagoSpringfieldUrbana & System Offices

wikiHow: What Does Smishing Mean? How the Scam Works & Ways to Protect Yourself

Apple: Block phone numbers, contacts, and emails on your iPhone or iPad

Google: Block senders & report spam in Google Messages

Federal Communications Commission: Avoid the Temptation of Smishing Scams

Federal Trade Commission: How to Recognize and Report Spam Text Messages

Sincerely,

Kim Milford
Chief Information Security Officer
Chief Privacy Officer
University of Illinois System Offices
University of Illinois Urbana-Champaign
University of Illinois Springfield

Shefali Mookencherry
Chief Information Security Officer
Chief Privacy Officer
University of Illinois Chicago

Murad Dikeidek
Head of Cybersecurity
University of Illinois Hospital & Health Sciences System

   
     
   
This mailing approved by:
Office of the President

sent to:
Academic Professionals, Civil Service, Faculty & Extra Help
   
     
 
Massmail Archive     Powered by Webtools