Female student looking at a large monitor surrounded by cubicles with large monitors.
  2. Inside SM论坛
  3. Computing Services and Instructional Technology
  4. UPDATED: SECURITY ALERT: Phishing scam pretends to share secure document
  2. Inside SM论坛
  3. Computing Services and Instructional Technology
  4. UPDATED: SECURITY ALERT: Phishing scam pretends to share secure document
UPDATED: SECURITY ALERT: Phishing scam pretends to share secure document

UPDATED: SECURITY ALERT: Phishing scam pretends to share secure document

Published

UPDATE: In the few moments since sending this alert, we have received additional reports of a second instance of the email phishing scam described below with minor variations.听 The variants in the new reports include:

  • The apparent sender of the message is 鈥淢isty Shane (misty_shane [at] mhu.edu)
  • The subject of the message is 鈥淸IMMEDIATE ACTION} Faculty/Staff Amended And Up To Date Catalog From President Dr. Frederik Ohles鈥
  • The attached file is a Microsoft Word document (rather than PDF) and named 鈥淣ebraska Wesleyan University Shared Document.docx鈥

In each case the body of the message is almost identical.

Again, please delete the message should you find it in your mailbox.

===================================================================

CSIT has received several reports this afternoon regarding a new instance of an old email phishing scam .听 This particular scam is one we have warned about previously, but the new variation warrants an alert.

The current scam arrives as an email message which appears to be from Jana Jones (janaj [at] mail.smu.edu) with the subject 鈥淧rofessional Program and Ethical Program for Nebraska Wesleyan University Employees鈥.听 After praising the quality, diligence and dedication of SM论坛 employees, the message goes on to note that there is room for improvement in an organization.听 The message directs the reader to the attached PDF document for details of the institutions commitment to excellence and continuous improvement. 听听The message attachment is named 鈥渘ebrwesleyan.edu.pdf鈥 and, if opened, presents a graphic which purports to be a link to a secure document.

We have seen and warned of this scam previously.听 However, this instance might appear more tempting as is comes over the signature of Dr. Darrin Good, recently named by the SM论坛 Board of Governors as the next President of Nebraska Wesleyan University. 听The link contained in the document attached to the scam email 鈥 though blocked by most web browsers 鈥 appears to go to a deceptive site which presents a fake login page designed to collect usernames and passwords.

If you have seen this message in the SM论坛 mailbox, please disregard it and delete it immediately.听 If you have already opened the attached file, but gone no further then displaying the file content, you are still safe.听 However, if you followed the embedded link in the document and attempted to logon to the site you were presented, then your account has been compromised.听 In that case, you will need to change your SM论坛 and Office 365 passwords immediately.听 If you need assistance to re-secure your accounts, contact the CSIT Office at 402-465-2341 or come to either the CSIT Office (Smith-Curtis 121) or the WITS Office (Smith-Curtis 109) for help.

As always, please handle all incoming email with caution, particularly when dealing with attached documents or embedded links.

Recent news

More CSIT news