Ongoing phishing emails aimed at Northern Arizona University accounts have prompted warnings from Information Technology Services.

Phishing refers to emails that use a fraudulent process of attempting to acquire sensitive information such as usernames, credit card details or other secure information. Spear phishing is targeted phishing attacks, where those in higher level administrative or financial roles are the specific target of an attack. These emails may be received from what looks like an official, trustworthy NAU account and take a user to a site that looks authentic. Employees should always verify by phone any urgent requests regarding personnel, financial or other information, even if they appear to be from an authorized person.

NAU ITS will never send an email containing a link requesting your username and password.

Your personal identification and financial information (such as payroll) might be at risk if an attacker gains access to your NAU accounts. Unauthorized access to your accounts also may allow attackers to gain access to other NAU confidential information and cause further harm.

Employees with questions about the legitimacy of an email may contact the Solution Center at (928) 523-1511.