Phishing Alert: Email Portal Scam and HR Department Scam | Information Technology | University of Pittsburgh

You are here

Phishing Alert: Email Portal Scam and HR Department Scam

Saturday, May 6, 2023 - 18:37


Pitt Information Technology is aware of two new phishing scams targeting the University of Pittsburgh community.

The first scam claims that all the recipient’s emails will be deleted unless they click a link and provide their username and password. The link takes recipients to a harmful website that attempts to collect their Pitt credentials. Below is a sample of the scam: 


Subject: Memo HR E-Mail Portal Login

Our records indicate that your Office-365 has two different logins with two university portals. Kindly indicates the two info logins as soon as possible. To avoid termination within 48hrs and to prevent loss of all emails associated with your account, we expect you to strictly adhere and address it.

We will process your request shortly.

If you have only one college account, fill in the correct user and password and submit but if you are in a dual credit college fill in the correct username and password for both schools and submit. If you have no knowledge about the request process, kindly update to cancel the request below.

Update School Login [link removed]

Thank You.

©Microsoft 2023


The second scam asks recipients to click on a harmful link to view a message from the HR department. Below is a sample of the scam: 


Subject: HR. Dept Urgent Message for all Teachers/Students


You have a message from the  HR Department 

Click here to view your message [link removed]

Office   865-594-1800 | Fax  865-594-1822

Copyright ©2023 EDU. All rights reserved


If you received this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to Detailed instructions on reporting scams are available at

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install an antivirus solution for personal devices. Staff and faculty are strongly encouraged to use Microsoft Defender to protect University-owned devices.

Please contact the 24/7 IT Help Desk at +1-412-624-HELP (4357) if you have any questions regarding this announcement.