Alerts Phishing | Information Technology | University of Pittsburgh
!

Search form

You are here

Home

Alerts Phishing

Phishing Alert: Payroll Notification Scam Links to Malicious Website

Monday, December 7, 2020 - 09:56

 

Pitt Information Technology is responding to an email phishing scam that claims to be a payroll notification from the University. The email links to a malicious website that attempts to capture an individual’s University credentials and mimics a Microsoft login page. The scam originates from outside the University, but the message claims to be from a University of Pittsburgh source.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

******************************************************************************

From: Pitt <external email address removed>
Sent: Sunday, December 6, 2020 2:11 PM
To: Doe, J <jdoe@pitt.edu>

Subject: Payroll Notification 

You have a payroll update from pitt.edu Staff Portal

<link removed> to read.

Best Regards,
pitt.edu.

******************************************************************************

Clicking the link in the email takes the reader to a fake Outlook Web App login page like the one shown below:

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Outlook Webmail Update Scam

Wednesday, April 13, 2016 - 09:05

Computing Services and Systems Development (CSSD) is responding to a new email phishing scam that claims Webmail has been improved and you need to click on a link to update your email. The email Subject line is typically "IT Service Help Desk."

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

Subject: IT Service Help Desk.

To All Employees\Staff,  

Take note of this important update that our new web mail has been improved with a new messaging system from Owa/outlook which also include faster usage on email, shared calendar,web-documents and the new 2016 anti-spam version.  

Kindly use the link below to complete your 2016 Outlook Webmail User authentication form.

CLICK on Outlook Web Access (link removed) to update immediately.

 ITS help desk
ADMIN TEAM
© Copyright 2016
Microsoft All right Reserved.

******************************************************************************

The link in the phishing email directs readers to a malicious Web page that looks similar to the page shown below. The page attempts to collect your username, password, and domain.

Outlook Webmail scam

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at myPitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.

Phishing Alert: Password Expiration Scam from Pitt Address

Tuesday, April 5, 2016 - 11:32

 

Computing Services and Systems Development (CSSD) is responding to a new email phishing scam that claims your password will expire in two hours and you must log in to change it. The message will appear to come from a @pitt.edu email address and may use the Subject line "URGENT IT MESSAGE".  

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

From: JaneDoe @pitt.edu

Subject: URGENT IT MESSAGE

 

Attention,

Your Password Expires in 2 hours you are to change your Password below via the ACCOUNT MANAGEMET PAGE.

Click on CHANGE-PASSWORD <link removed>

If Password is not changed in the next 2 hours your next log-in access will be declined.

If you do find any difficulties to Changing your Password please contact the ITS Helpdesk.

 

Regards,

ITS Helpdesk

******************************************************************************

The link in the phishing email directs readers to a malicious Web page that looks similar to the page shown below. The page attempts to collect your username, password, and departmental information.

Phishing scam

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at myPitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.

Phishing Alert: "Tip Top Delivery" Scam for Overdue Invoice

Friday, March 18, 2016 - 14:04

 

Computing Services and Systems Development (CSSD) is responding to a new email phishing scam that claims to contain an overdue invoice or account notice. The message typically has a Word or RTF (rich text format) attachment, and its Subject line usually includes the phrase "Tip Top Delivery." The attachment includes harmful macros that, if enabled, will install malicious software on the recipient's computer.

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

*****************************************************************************

Tip Top Delivery Phishing Scam

******************************************************************************

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at myPitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.

Phishing Alert: Unusual Sign-in Attempt Scam

Tuesday, December 1, 2015 - 10:07

 

Computing Services and Systems Development (CSSD) is responding to an email phishing scam that claims an unusual sign-in attempt has been detected on your Webmail account and that you should click a link to verify your account and confirm your location. The email message appears to come from an external email address. 

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

Subject: Helpdesk & Support Updates

Webmail account

Unusual sign-in activity

Dear User,

Attention! Your Webmail Account has been violated! Login from IP address 12.34.567.89 was detected to access your personal webmail. Please click and confirm the link below for re-confirm of your location. Click here (link removed) to verify your account Thank you for your patience and understanding.

Technical Support

******************************************************************************

The link in the phishing email directs readers to a fraudulent Outlook Web App login page similar to the page shown below. The page attempts to collect your username and password.

 Fake Outlook Web App page

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers a free version of Malwarebytes for individuals and departments. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at myPitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.

 

Phishing Alert: DHL Letter Pick-up Scam

Monday, November 23, 2015 - 14:41

 

Computing Services and Systems Development (CSSD) is responding to a new email phishing scam that claims you have letters from the University of Pittsburgh that are ready to be picked up. The “From” line of the email address imitates a DHL.com email address. Clicking the link in the message eventually directs you to a harmful Web page that attempts to collect your University Computing Account email address and password.

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

Subject: Please visit our office!

Good day!

You have (2) Letters from University of Pittsburgh.

Kindly click: Here <LINK REMOVED> for pick-up details.

Thank You!

Mail.dhl.com

******************************************************************************

The link in the phishing email directs readers to a pop-up message informing them they have been signed out of their email account and must click within the pop-up message to sign in again.

 DHL pop-up scam

Clicking OK within the pop-up message takes the reader to a malicious Web page branded to look like a DHL page (see below):

 DHL scam

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers a free version of Malwarebytes for individuals and departments. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at myPitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.