Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

“Office 365 verification” phishing scam from compromised student account

Please be on the lookout for the following phishing scam coming this morning from a compromised student account:

The subject will be “Office365 E-mail Verification” (or a variation) and says that “you recently made a request to terminate your Office365 mail” and to click on a link to cancel this termination.

The mail should be immediately suspicious to most people with common sense and awareness of phishing scams, but here are a few signs:

  1. Why is a student account sending you mail about your “termination” of an Office365 account?
  2. Why are they threatening you to verify or lose your account?
  3. Why does the link point to a site that is not in the university network and is in Brazil of all places?
  4. Why is something as “important” as this being sent in a non-secure email? 

Here is an example of one of these phishing emails that several observant students and colleague have sent me this morning already!

If you have accidentally clicked on the link and given your login details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately. (Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.)

If you have received mail that looks like the one above, please immediately report it to the Information Technology Security Team using the following method: (especially if it looks like it comes from a university address) Once you have reported it, delete it immediately.

  1. Start up a new mail addressed to csirt@sun.ac.za (CC: sysadm@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

[ARTICLE BY DAVID WILES]

 

Tags: ,

Comments are closed.

 

© 2013-2020 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.