A university-wide e-mail was sent out last Wednesday warning students that they not be misled by a website mimicking the WyoWeb login portal.

According to the e-mail sent out by the IT department, the webpage was intended to steal private information from users thinking they were logging into the WyoWeb page.  

“A serious phishing scam has been identified in which an unauthorized website that looks very similar to WyoWeb has been created to apparently steal UW usernames, passwords and potentially other personal information,” the e-mail said.

While these claims have yet to be confirmed, the website was quickly blocked, and a warning was sent out once it was discovered by workers in the IT department. Maggie Morrison from the IT Client Support Services confirmed that the site was dealt with as soon as the department detected it. She was unable to confirm the details of the spoof site itself. 

“I’m not aware of how the spoofed site came into existence, but I do know what we did once we received word of the site,” she said.

Screenshots of the alleged spoofed site were included within the e-mail sent to alert students and faculty. The site itself appeared to be almost identical to the actual webpage, although upon closer inspection the differences in the placement of content boxes and text within the login fields showed minor differences.

There have been no criminal charges filed, and the source of the website remains unclear. A Jan. 21 article on the official IT department blog noted that the site could not be known. 

“Someone went to a web hosting company and created the domain name of mywyoweb.net. They then copied what WyoWeb (the real one) looked like and started sending that page along to user’s at the University of Wyoming.” To what extent any student or staff data was stolen has also not been determined,” the blog reads.According to the blog, phishing is a serious problem on the web, and offers advice to avoid becoming a victim. The post explains, “nobody should ever send you an email asking for your account information.  If you get that email, delete it, let it go, it is a phishing attempt and should be classified as unnecessary SPAM. To keep yourself safe, use secure passwords, over 8 characters and include a symbol or a capital or both.”

Email: