Webmail | Information Technology | University of Pittsburgh
!

You are here

Webmail

Phishing Alert: Mailbox Almost Full Scam

Friday, October 9, 2015 - 10:37

Pitt Information Technology is responding to a new email phishing scam that claims your mailbox is almost full. The email asks you to click a link to re-validate your mailbox and claims that you may not be able to send or receive mail until you do. Clicking the link actually takes you to a harmful webpage.

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

Subject: Your mailbox is almost full.

Your mailbox is almost full.

Quota bar scam

Dear pitt.edu User

Your mailbox has exceeded the storage limit set by your administrator, you may not be able to send or receive new mail until you re-validate your mailbox To re-validate your mailbox please CLICK HERE (URL removed):

System Administrator

******************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all users install Antivirus (Symantec Endpoint Protection) software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, Pitt IT offers a free version of Anti-Malware (Malwarebytes) for individuals and departments. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Webmail Certificate Scam

Thursday, October 8, 2015 - 19:14

 

Computing Services and Systems Development (CSSD) is responding to a second wave of an email phishing scam that claims your Webmail certificate has expired. The email asks you to click a link to renew the certificate. Clicking the link takes you to a harmful Web page that attempts to collect your University Computing Account username and password.

The following is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email.

******************************************************************************

Subject: Your Webmail account Certificate expired on the 02-10-2015.

Your Webmail account Certificate expired on the 02-10-2015. This may interrupt your email delivery configuration, and account POP settings, page error when sending message.

To re-new and upgrade to your new edu webmail Certificate, Please take a second to update your records by link below or copy and paste link

[URL Removed]

account will work as normal after the verification process, and your webmail Certificate will be re-newed.

Sincerely,
Webmail Admin

******************************************************************************

The link in the phishing email directs readers to a page that looks similar to the page shown below.

Webmail certificate scam fake login page

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers a free version of Malwarebytes for individuals and departments. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.