The University of Delaware has received notification that several phishing scams are targeting TIAA retirement participants at multiple universities and institutions.

The phishing scams are designed to trick TIAA customers into clicking a link and surrendering the credentials to their retirement accounts.

The scams arrive as email that includes a TIAA logo, a subject heading of “Important Security Notification,” and claim that you need to click a link to log in to your account and repair a security problem.

As of Sept. 1, only one instance of this identity theft scam has been seen at UD.

No reputable institution will ever send you email asking you to click a link to verify account information. If you receive such a message, contact the institution using published directory information. Do not just click a link in an email message.

More information about this phishing scam is available in the Secure UD Threat Alerts blog.

Perhaps the best strategy for protecting against this form of identity theft is to use two-factor authentication (2FA) to protect all your accounts: UD, banks, financial partners, Amazon, Google, Yahoo.

University employees and students can contact the IT Support Center for further information.