Legitimate Email that Might Appear Phishy

You may, out of an abundance of caution, miss some legitimate email because it appears phishy—particularly email from outside vendors and organizations the university has contracted with for benefits and other services. If you are unsure about a particular email that mentions a U-M unit, you can contact that unit to see if they sent the message. You can also contact the ITS Service Center for help.

Members of the university community have reported emails from the senders below as suspicious in the past, and university offices have assured Information Assurance that they are legitimate communications.

  • CyberScout. If you enroll in the U-M Legal Services Plan, you will also receive credit monitoring and identity theft services. These additional services are provided by CyberScout. After you enroll, you will receive an email from the CyberScout with instructions to activate your enrollment in the additional services. Human Resources has posted this sample of the CyberScout email.
  • Hyatt Legal Services. If you enrolled in the U-M Legal Services Plan benefit available through U-M Human Resources, you may receive emails from Hyatt Legal Services. The university contracts with Hyatt Legal Services to provide this benefit. Human Resources reports that Hyatt Legal Services last sent a New Membership Number email to new plan enrollees January 25 and 26, 2018. Human Resources posted information about this mailing at U-M Legal Services Plan. In addition Hyatt sent a paper letter to enrollees with their membership number at their home address on Monday, January 29, 2018.
  • iThenticate. The U-M Office of Research (UMOR) provides the iThenticate plagiarism detection service to faculty on the Ann Arbor campus. Details are at Plagiarism Detection on the Research Ethics & Compliance website. UMOR provides updates of eligible faculty to iThenticate twice a year, and then iThenticate sends an automated message from "noreply@authentidate.com" with a subject line of "Account Created" to those faculty about their new accounts. "Account Created" emails were most recently sent in November 2017.
  • LinkedIn Learning (formerly Lynda.com). Email with the subject "Regents of The University of Michigan has given you access to LinkedIn Learning" was sent to Lynda.com users at U-M on June 20, 2019, asking them to activate new LinkedIn Learning account (screenshot of 6/20/19 email). This email is legitimate; it is safe to activate your account. U-M Human Resources licensed access to the online learning provider Lynda.com for members of the U-M community (Lynda and Michigan Online for U-M Employees). Lynda.com was purchased by LinkedIn in April of 2015. LinkedIn has now rebranded Lynda.com as LinkedIn Learning.
  • OCAX-C28402 Use of Chaperones during Sensitive Exams, Procedures and Care. All clinical and non-clinical employees working in Michigan Medicine patient care areas are required to take training administered through MLearning on Michigan Medicine's chaperone policy. This training was introduced in June 2019 (see Organization to Launch New Chaperone Policy). Email about the required training is sent from mlearninginfo@med.umich.edu and has a subject line of OCAX-C28402 Use of Chaperones during Sensitive Exams, Procedures and Care training has been assigned to you. This email is legitimate (see sample of OCAX-C28402 email). It is important that those who receive this email complete the training assignment.
  • smartAHD. The U-M Treasurer’s Office: Depository Services  provides access to smartAHD, a depository system created by 3-East LLC for those who need it for their U-M work. If you request access to smartAHD (or someone requests access for you), you will receive a welcome email from smartAHD asking you to register and choose a password. See a copy of smartAHD user registration email (U-M login required).  Specific information regarding portal access, including examples of the portal web pages, can be found in the Deposit Station User Guide (U-M login required).