Phishing Alert: Fake Covid Test Results Scam Mimics Pitt Passport Login Page | Information Technology | University of Pittsburgh
!

You are here

Phishing Alert: Fake Covid Test Results Scam Mimics Pitt Passport Login Page

Wednesday, September 29, 2021 - 10:19

 

Pitt Information Technology has identified a new email phishing scam targeting the University. The scam typically includes the subject line “Covid Test Result” and claims to be from the University of Pittsburgh, even though it originates from an email address outside the University. The scam includes an attachment that claims to contain Covid test results. Opening the attachment directs readers to a webpage that mimics the Pitt Passport login page. If the user enters their username and password, the fake webpage then prompts the reader to enter their Duo passcode. If the scammer successfully obtains a user’s Pitt username and password, along with their Duo passcode, the scammer would have immediate access to the user’s account.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at http://technology.pitt.edu/phishingscams.

******************************************************************************

From: University of Pittsburgh (external email address)
To: <jdoe@pitt.edu>
Subject: Covid Test 

Attachment: Covid Test Result.htm

Hi jdoe@pitt.edu 

Attached is your Covid Test Result. 

******************************************************************************

Opening the attachment displays a webpage like the one shown below that mimics the Pitt Passport login page:

Fake Pitt Passport Login Screen

Entering a username and password then displays a fake Duo Mobile page like the one shown below that prompts the user to enter a Duo passcode:

Fake Duo Prompt

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the 24/7 IT Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.