UW–⁠Madison Information Technology
Connecting & supporting our digital campus
fish caught in a net

Financial aid phishing attempt hits a UW System school

Posted by Kim Miller on January 21, 2020

This article was published on January 21, 2020 and has not been updated since. It remains published for archival purposes, but its subject matter may be out of date.

On January 10, UW–Madison students received an email message from cybersecurity-cio@cio.wisc.edu in regards to a financial aid phishing attempt that occurred at another UW System school. There are no reports of it on our campus. 

This sophisticated phishing scam involved an email and a website that mimicked those of the impacted university. Students received an email urging them to review their financial aid accounts for missing information by clicking on a link that appeared to come from the university’s financial aid page. Instead, the link took them to a look-alike page controlled by the phishers. 

The phishing attempt looked similar to the example below. Again, this did NOT occur on our campus. Please review the areas that can help you identify a phishing email.

Example of a phishing email attempt

Example of a phishing financial aid email to students

If the UW–Madison Office of Student Financial Aid requests additional information from you, the request will come from an @finaid.wisc.edu or @em.wisc.edu address and it would direct you to a Verification Portal where you would enter your NetID, password and authenticate with multi-factor authentication. 

Example of a legitimate email request 

From the UW–Madison Office of Student Financial Aid, requesting documentation:

Example of a legitimate email from the Office of Student Financail Aid

If you receive a message from Financial Aid and you’re not sure of its authenticity, please contact them at finaid@finaid.wisc.edu or call 608.262.3060.

Anytime you receive an email request that looks suspicious, do not respond to it or click on any links. Instead, please check for the classic email phishing signs and report suspicious email to the Office of Cybersecurity. You can do this by:

  • Forwarding the email to abuse@wisc.edu 
  • Or by using the “Report Spam” or “Report Phish” feature within the Office 365 web or desktop email client

If you are ever unsure whether an email message is legitimate, do not respond to it. Contact the DoIT Help Desk at https://kb.wisc.edu/helpdesk/ or at 608.264.4357 for advice. The UW–Madison Office of Cybersecurity will then block the criminal element from sending further emails and gather evidence for eventual prosecution of the crime.