Phishing Alert: Fake Help Desk Email Scam Mimics Pitt Passport Login Page | Information Technology | University of Pittsburgh
!

You are here

Phishing Alert: Fake Help Desk Email Scam Mimics Pitt Passport Login Page

Tuesday, January 25, 2022 - 15:00

 

Pitt Information Technology has identified a new email phishing scam targeting University students, faculty, and staff. The scam typically includes the subject line “You Have A New Message Unread From University of Pittsburgh” and appears to originate from the 24/7 IT Help Desk’s email address (e.g., helpdesk@pitt.edu). The message contains a link that directs readers to a webpage that mimics the Pitt Passport login page, which attempts to collect their Pitt username and password.

The following is a sample of the recent scam. Note that this scam message may appear in your junk email or quarantined email folder. Always use caution in responding to messages in these folders. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at http://technology.pitt.edu/phishingscams.

******************************************************************************

From: IT Services - University of Pittsburgh helpdesk@pitt.edu

To: Undisclosed recipients:

Subject: You Have A New Message Unread From University of Pittsburgh,

You Have A New Message Unread From University of Pittsburgh,

Click Here To View Message [link removed]

Thanks,

IT Services - University of Pittsburgh,

******************************************************************************

Clicking the link displays a webpage that mimics the Pitt Passport login page:

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the 24/7 IT Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.