Library confirms EZProxy phishing scam

Some university members have recently received an email with “Off-Campus Access” in the subject line that claims to be from the Library and notifies them that their “off-campus access to electronic resources is expiring soon”. (See image below.) Please note: This is **NOT** a legitimate email; it is a “spear phishing” scam, which is a targeted attack focusing on institutions like UT Southwestern that often use identifying information (like the actual name of the Information Security Officer of the institution or specific information about you) to create trust. This email should be deleted.

This is a reminder that the UT Southwestern Health Sciences Digital Library and Learning Center will:

  • Never ask for a user ID or password
  • Never notify users to update their account information via email

Here are some security tips directly from UT Southwestern Information Resources:

  • Don’t click on links in emails from people you don’t know. You can move your mouse over links to view the true destination. If you don’t recognize the website, don’t click on the link.
  • If you don’t recognize the sender of the email and/or the account is not from a UT Southwestern account, delete the message. Think before your act.
  • Be wary of “official” emails that contain grammatical errors or spelling mistakes.
  • Be cautious about opening any attachment or downloading any files from any email you receive, regardless of who sent them.
  • Be suspicious of any email with urgent requests for personal financial or sensitive information. Legitimate companies do not ask for this type of information via email.
  • UT Southwestern Medical Center Information Resources will never ask for a username and password in an email.

If you are unsure about the legitimacy of an email, contact the IR Service Desk or your departmental support. Forward spam or phishing emails to spamreport@utsouthwestern.edu.

spam