Recent Increase in Phishing Attempts Targeting Personal Email Accounts
Recently, IT Security has received reports from fellow 'Canes that cybercriminals have begun using social media to target personal email accounts for phishing* attempts to gain access to miami.edu email accounts. Cybercriminals are sending messages to personal email accounts threatening to terminate your miami.edu Microsoft Office 365 account unless action is taken. This is how the scam occurs:
- Cybercriminals target social media accounts, e.g., LinkedIn, Instagram, Facebook, to find your personal email address along with information about where you work or go to school.
- Cybercriminals then send an email to your personal email account (Gmail, Yahoo, etc.) stating your UM Microsoft Office 365 account will be deactivated. This is an attempt to trick you into providing your UM information (e.g., CaneID, email address, cell phone, password, Duo MFA access code), and, subsequently, gaining access to our network.
This scam creates a sense of urgency and tricks people into giving up their personal information. We are reminding all UM community members to stay vigilant, and do not fall for these types of phishing scams.
As a reminder, the University will never ask you to provide sensitive information via email and/or online form. Also, remember to never provide Duo MFA access codes into any online forms; the only time you should provide your Duo MFA access code is when you request access to a UM system, such as your miami.edu email.
To protect yourself and our University from potential harm, please be on the lookout for this latest phishing attempt:
|
|
|
|
|
Review this infographic to understand the anatomy of a phishing email. At all times, the best way to avoid scams and to protect your personal information is by following cybersecurity best practices.
Report Suspicious Activity
If you're suspicious of a message, please forward the suspected phishing email to phish@miami.edu or report it using Outlook's "Report Message" feature to notify the Enterprise IT Security Operations team. (Learn more.)
If you have any questions or concerns, please contact the IT Service Desk – Coral Gables/Marine: 305-284-6565 or help@miami.edu; UHealth/MSOM: 305-243-5999 or help@med.miami.edu.
*Phishing (pronounced "fishing") is a form of fraud, in which an attacker tries to learn private information (such as login credentials) by masquerading as a reputable entity or person (usually via email). To learn more about phishing and how to stay safe online, visit: it.miami.edu/phishing.
|
|
|
|
