Over the past couple days, DoIT Security has been made aware of several phishing campaigns that have been sent out to a number of our alumni, students, and staff. We created this article as a notice to show our UMBC community what these phishing emails look like, and what to do if you receive something similar.
The first phishing campaign stated that the recipient’s account will be deactivated, telling the user to click on a link. The link lead to a Google form that asked the user to fill in their UMBC username, password, and Duo code.
Below is an image of the phishing email that was sent:
If you receive a message that looks like this, please keep in mind that we are not deactivating any accounts nor do we need to verify any accounts, so this email is a scam.
UMBC staff will never ask for your password under any circumstances. Assume that any email asking for your password or Duo information is a scam, and to kindly forward the message to security@umbc.edu for further investigation.
The second phishing campaign involved an email being sent out to students and staff claiming to be a remote job opportunity. This also contained a link to a Google form which asked users to fill out information such as their first and last name, address, personal and school email, occupations, and phone numbers.
Below is an image of the phishing email that was sent:
As mentioned before, UMBC staff will never ask for or require confidential information including but not limited to usernames, passwords, or Duo/two factor authentication codes. Staff members will not ask you to click on any embedded links similar to the one presented in the screenshots above.
Should you have any concerns or questions about the authenticity or safety of an email, link, or form, please do not hesitate to contact us at security@umbc.edu or submit a ticket for us to verify its security for you and/or to investigate the matter further.