AWC, Yuma Schools Report Surge in Phishing Emails This March

A compromised account at Arizona Western College sent phishing emails that appeared to come from inside the institution, triggering a campus-wide alert and a scramble by the college's technology team that stretched through early March 2026.

AWC issued an all-college communication on March 4 after its ITSS team spent days responding to the surge. "Over the past week, our ITSS team has been working around the clock to respond to an unprecedented ... increase in phishing emails across the College, including messages that appeared to come from internal accounts," the communication read. The college confirmed "the incident involved a compromised account through a session-based phishing attack (not malware)."

The internal-looking messages made the attack particularly difficult to detect: because at least one college account had already been hijacked, recipients had no obvious reason to distrust the sender.

AWC Chief Information Officer Scott Estes offered a more measured framing of the situation. Estes told KAWC that he's unsure if he would have used the term "unprecedented," but that the college sees these types of phishing attempts on a weekly basis. The tension between the all-college communication's urgent language and the CIO's cooler read reflects a common institutional challenge: messaging that prompts action without overstating the threat.

In response, the IT department strengthened its email security posture by enhancing filtering systems, disabling click-through capabilities and expanding its safe attachments policies. AWC Chief of Staff Ashley Herrington framed the response as a collective responsibility. "Cyber threats don't take breaks, and neither can our awareness of them. Cyber security is ultimately a shared responsibility, and that's what this campaign is really about. No technical safeguard is foolproof without informed, engaged people behind it," Herrington said.

Phishing attempts were up in some Yuma and La Paz schools during the same period, though the picture across individual districts varied. KAWC reached out to each public school district in Yuma and La Paz counties and did not receive reports of increased phishing from any others. The Yuma Union High School District, which shares a technology team through an education consortium with Yuma School District One, responded that they have "been diligent over the past decade or more regarding both staying up to date on phishing attempts and keep staff trained and informed," adding that staff are subject to so-called phishing "tests" and that the district had "not been made aware of any uptick in phishing" — though noting "we are always on high alert that educators can be targets."

According to the Yuma Police Department, phishing and other scams usually trend during tax season, but they don't typically target schools. Officer Hayato Johnson said, "I personally haven't seen that often here." Johnson nonetheless urged caution for anyone receiving an unfamiliar message. "If it's something you've never seen, never dealt with, it's worth taking your time to do a little research on it than just jumping into it, answering a bunch of questions, people you don't know; it can really save you a headache in the long run," Johnson said.

AWC's campus-wide warning told students, faculty, and staff not to click suspicious links or provide passwords. Although the exact causes for phishing activity in Yuma and La Paz aren't known, AWC and the Yuma Police Department advise caution. Key questions remain unanswered, including whether any credentials or personal data were accessed through the compromised account, whether additional accounts were affected beyond the one confirmed by AWC, and whether any formal incident report was filed with state or federal cybersecurity authorities.

Questions about scope and data exposure can be directed to AWC's ITSS department, and residents who believe they received a suspicious message connected to this incident can contact the Yuma Police Department directly.