Pitt Information Technology has identified an email phishing scam targeting the University that claims to contain a link to a recipient’s document in OneDrive. The link leads to a malicious website, which asks for the user’s name and password. This scam may appear to originate from a pitt.edu email address or from outside the University.
The following is a sample of the fraudulent email. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to firstname.lastname@example.org. Detailed instructions on reporting scams are available at http://technology.pitt.edu/phishingscams.
Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.
In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.
Please contact the 24/7 IT Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.