Our campus is often the target of malicious attempts to gain personal information, also known as phishing. On this page the campus Information Technology Security Office will attempt to list reported known phishing messages circulating on the campus. If you have received a message that you believe could be a malicious attempt to gain personal information but it is not listed on this page, please report it. The university will never send e-mail asking for your highly confidential data (e.g. passwords, SSNs, credit card numbers, etc.) and you should be suspicious of messages that direct you to provide this information. Although the university uses technology to block malicious e-mails and phishing websites, this technology is no substitute for being a conscientious Internet user. Help out the CU-Boulder community by reporting suspicious messages that you don’t see on the list below. Please note: this site does not report scams such as work-from-home and check scams. Learn more about these scams on the CUPD website.