As we prepare for the winter break, we commonly see a surge in malicious activity toward user accounts. Users receive emails warning about unpaid invoices, expired passwords, or full inboxes. These messages are made to convince people that they are in danger of losing money or access if they don't respond, or click a link within an email. Very often these messages will appear to come from someone you know, from a company you may have done business with, or in some cases, from what looks like your own account.
Other common phishing messages recently have included invoices from companies like PayPal or GeekSquad saying they will be charging your credit card if you don't click a link. These messages are fake.
We have some FAQs available on how to identify phishing/spam messages you can look at below.
As well as some best practices for keeping your account secure:
If you receive any messages like this, please forward them to security@umbc.edu along with the email headers. For instructions on forwarding email headers, please visit: How do I forward full email headers? - Find Help (FAQs) - UMBC.