Phishing and security

Phishing is a scam to obtain your password and your account with a fraud.

Scammers will lie to you talking about account expiration, reporting errors, or any excuse to send you to a fake site similar to our one and, if you write your password there, they will collect it and use it.

Protect your account
Someone stole your account?

Protect your account

Protect your account from scams following two basic principles: check the page that asks for your password and never email your password to anyone.

Check the page

Before input your password in a website, check the domain: it's visible in the first part of the website address you are on and it must be in unimib.it domain.

  • valid websites are (the domain is in bold)
    • https://site.unimib.it
    • https://idp-idm.unimib.it/idp/profile/
  • if you don't feel safe, don't insert your password

More often than not you'll get on the IdM page, with the URL https://idp-idm.unimib.it/ and this look:

University Digital Services authentication screen

Don't share your password

Don't share your password and never send it via

  • email
  • phone
  • chat

or any way that is not a legit authentication page.

Our staff will never ask your password: if someone says to be part of our staff and asks for your password, consider this a scam and do not share it.

If your account is compromised

If you don't feel safe with a website, don't use your credentials. Ask our IT services and we will tell you if it's ok.

If your password is already compromised change your password immediateli and alert our IT services.

Contact the IT services
Change your password
by Sistemi informativi, last updated on 20/04/2023