Phishing Alert: Scam from Fake Help Desk Address Asks Readers to “Reconfirm” Their Password | Information Technology | University of Pittsburgh
!

Search form

You are here

Home

Phishing Alert: Scam from Fake Help Desk Address Asks Readers to “Reconfirm” Their Password

Thursday, June 20, 2019 - 10:56

 

Pitt Information Technology is aware of a new email phishing scam that claims the University is performing emergency maintenance to migrate accounts, email, and Symantec Endpoint Protection. Recipients are asked to reply to the email and provide their University Computing Account username and password. The scam may include a forged “From” address that appears to originate from the Technology Help Desk.

Below is a sample of the recent fraudulent email. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at our phishing awareness page.

******************************************************************************

From: Pitt IT <helpdesk2@pitt.edu>
To: <pitt email address>
Subject: [#87900190]: Phishing Campaign / Migrating My Pitt Account / Quarantine Exercise.

Technology Help Desk - University of Pittsburgh | Phishing Campaign.
Attention: University of Pittsburgh | My Pitt & Email Account User.

Dear Madam/Sir,

University of Pittsburgh Technology Help Desk will be performing an emergency systems maintenance which includes Updating/Migrating Accounts, My Pitt & Email Symantec Endpoint Protection Communication to a new SPAM filtering service which will improve Barracuda Spam Firewall Email Security Overview and the ability to identify and block Spam / Phishing attempts and other undesirable messages that flood our email system / server on a daily basis. We have seen a recent uptick in phishing, and we want to alert you to follow the resources available to protect yourself.

University of Pittsburgh Email Account Users may see the Symantec Endpoint Protection Windows notification pop-up during the update kindly ignore.

What is required?

You are to re-confirm your University of Pittsburgh Email Account Login Details as requested below for Migration, Quarantine Exercise and Protection against SPAM by clicking your REPLY button and replying to this email as follows. (This will confirm your University of Pittsburgh Email Account login/usage Frequency):

Please be informed that we will delete any University of Pittsburgh Identity, Account, MyPitt & Email Users account that does not adhere to this notice IMMEDIATELY as part of our (Inactive Accounts | Barracuda Spam Firewall | Email Security Overview) and clean-up process to enable service upgrade efficiency.

Confirm your Existing University of Pittsburgh Pitt Passport:

* Username: {  }
* Password: {  }
* Email ID:{  }

Enter Your Last Login Date:

Important: You must completely exit your web browser when you are done accessing services that require authentication, otherwise your login will remain in effect.

The above request has been opened for you:

Request No. [#87900190]

Subject: [#87900190]: Phishing Campaign / Migrating My Pitt Account / Quarantine Exercise.

Please do not hesitate to provide the above requested information. By confirming the above-requested details, you have abide by University of Pittsburgh Electronic Communications Policy.

Sincerely,

Technology Help Desk
University of Pittsburgh
Computing Services and Systems Development (CSSD)   

Help Desk | University of Pittsburgh | 4200 Fifth Avenue Pittsburgh, PA 15260 Copyright of University of Pittsburgh . All rights reserved.

******************************************************************************

Pitt Information Technology encourages you to keep in mind the following email best practices:

  • Pitt Information Technology will never request your password in an email message. Any message containing such a request is a scam.
  • Use caution when interacting with messages that have been quarantined by the University’s Enterprise Spam and Virus Filter. Messages stopped by the filter have been quarantined for a reason and are more likely to be malicious. You can safely preview messages within your Spam and Virus Message Center by selecting the message and clicking the Preview message button.     

Spam and Virus Filter Quarantine

  • Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain malicious software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.
  • In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus (Symantec Endpoint) and Anti-Malware (Malwarebytes) Protection. Both are available at no cost through the Software Download Service. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.