Password Phishing Scam

Another fake link in an email to steal your password

This morning we have received reports of a phishing scam targeting members of the UMBC community. This scam appears to come from the Help Desk, and states that a request was made to deactivate the user's account. It includes a link to a webpage with a form to steal user passwords. Do not click this link.

From:  HelpDesk@umbc.edu
    Date: Tue, Jan 12, 2021 at 3:47 AM
    Subject:  A REQUEST TO DE-ACTIVATE user1@umbc.edu !

Always check the URL before entering credentials online. Notice that this site is not in the umbc.edu domain, despite claiming to be. In addition, you can compare it to the real login page by navigating to myUMBC without using a link to see that it does not match.

As of this writing, several people have clicked this link. If you have entered your UMBC password after clicking the link in this phishing email, change your password to something substantively different as soon as possible as your account has been compromised. Instructions for doing so can be found here: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867939.

If you do receive any email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970

Tags:

notice

Posted: January 12, 2021, 11:45 AM

Read Original Post in myUMBC

Division of Information Technology

Division of Information Technology

Password Phishing Scam

Another fake link in an email to steal your password

Division of Information Technology

Another fake link in an email to steal your password

Subscribe to UMBC Weekly Top Stories

I am interested in: