Phishing | Information Technology | University of Pittsburgh
!

Search form

You are here

Home

Phishing

Phishing Alert: Fake Email Scam Mimics Pitt Passport Login Page

Friday, May 20, 2022 - 22:05

 

Pitt Information Technology has identified a new email phishing scam targeting University students, faculty, and staff. The scam claims you have a new important message and prompts you to click a link to view it. The link directs you to a webpage that mimics the Pitt Passport login page, which attempts to collect your Pitt username and password. The scam appears to originate from a University email address.

The following is a sample of the recent scam. Note that this scam message may appear in your junk email or quarantined email folder. Always use caution in responding to messages in these folders. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

******************************************************************************

From: Pitt user
Subject: Secure Message

You have 1 New Important Message

Click below to view message details.

<malicious link>

University of Pittsburgh

******************************************************************************

Clicking the link displays a webpage that mimics the Pitt Passport login page:

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Fake Covid Test Results Scam Mimics Pitt Passport Login Page

Wednesday, September 29, 2021 - 10:19

 

Pitt Information Technology has identified a new email phishing scam targeting the University. The scam typically includes the subject line “Covid Test Result” and claims to be from the University of Pittsburgh, even though it originates from an email address outside the University. The scam includes an attachment that claims to contain Covid test results. Opening the attachment directs readers to a webpage that mimics the Pitt Passport login page. If the user enters their username and password, the fake webpage then prompts the reader to enter their Duo passcode. If the scammer successfully obtains a user’s Pitt username and password, along with their Duo passcode, the scammer would have immediate access to the user’s account.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

******************************************************************************

From: University of Pittsburgh (external email address)
To: <jdoe@pitt.edu>
Subject: Covid Test 

Attachment: Covid Test Result.htm

Hi jdoe@pitt.edu 

Attached is your Covid Test Result. 

******************************************************************************

Opening the attachment displays a webpage like the one shown below that mimics the Pitt Passport login page:

Fake Pitt Passport Login Screen

Entering a username and password then displays a fake Duo Mobile page like the one shown below that prompts the user to enter a Duo passcode:

Fake Duo Prompt

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Voicemail Notification Scam Links to Malicious Website

Tuesday, June 15, 2021 - 08:44

 

Pitt Information Technology has identified an email phishing scam targeting the University that claims to contain a link to the recipient’s voicemail recordings. The link in the email directs users to a fake Microsoft webpage where they are encouraged to a click another link to listen to their recordings. These scams may be sent from compromised accounts of Pitt users.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

******************************************************************************

Subject: Voicemail Records Notice !!!

Attention Faculty/Staff/Student;

You have a Microsoft Voicemail Records from University of Pittsburgh Microsoft Technology  <CLICK HERE> to listen

ITS Help Desk

Office Portal

©2021 University of Pittsburgh Microsoft Outlook Services All Rights Reserved.

******************************************************************************

Clicking the link in the email takes the reader to a fake Microsoft page like the one shown below:

Clicking the link to listen to the voicemail recordings takes the reader to a fake Office 365 login page that attempts to capture the reader’s password: 

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Employee Evaluation Scam Links to Harmful Online Form

Monday, December 14, 2020 - 10:27

 

Pitt Information Technology is responding to an email phishing scam that mimics an employee evaluation notification from the University. The email informs the recipient that a file has been shared with them via OneDrive. The email includes an attachment that links to an online form, which then prompts the recipient to enter their username and password.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

If you entered your username and password into the malicious website, please reset your University password as soon as possible.

******************************************************************************

Example of Phishing Scam

******************************************************************************

Opening the attachment displays a message like the one shown below:

Clicking the link contained in the attachment opens an online form similar to the one below that attempts to collect the recipient’s username and password.

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Email: Reporting and Message Headers

Quick Links: Getting Started I More How-to

Pitt Information Technology provides IT tools and services to support your studies and simplify your life.

Phishing Alert: Library Account Expiration Notice

Monday, December 21, 2015 - 14:20

 

Computing Services and Systems Development (CSSD) is responding to a new email phishing scam that claims access to your library account is expiring and you must click a link to log in and reactivate your account. 

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

Dear User,

Your access to your library account is expiring soon. To continue to have access to the library services, you must reactivate your account. For this purpose, click the web address below or copy and paste it into your web browser. A successful login will activate your account and you will be redirected to the library homepage.

<URL REMOVED>

If you are unable to log in, please contact the Technology Help Desk at help.desk@pitt.edu for immediate assistance.

 

Sincerely,

 

Access & Delivery Services

University of Pittsburgh

3960 Forbes Ave, Pittsburgh, PA 15260, United States

Phone:+1 306-966-6005

******************************************************************************

The link in the phishing email directs readers to a malicious Web page that looks similar to the page shown below. The page attempts to collect your username and password.

library phishing scam

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers a free version of Malwarebytes for individuals and departments. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at myPitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.

Phishing Alert: Mailbox Almost Full Scam

Friday, October 9, 2015 - 10:37

Pitt Information Technology is responding to a new email phishing scam that claims your mailbox is almost full. The email asks you to click a link to re-validate your mailbox and claims that you may not be able to send or receive mail until you do. Clicking the link actually takes you to a harmful webpage.

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

Subject: Your mailbox is almost full.

Your mailbox is almost full.

Quota bar scam

Dear pitt.edu User

Your mailbox has exceeded the storage limit set by your administrator, you may not be able to send or receive new mail until you re-validate your mailbox To re-validate your mailbox please CLICK HERE (URL removed):

System Administrator

******************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all users install Antivirus (Symantec Endpoint Protection) software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, Pitt IT offers a free version of Anti-Malware (Malwarebytes) for individuals and departments. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at myPitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.