A well-crafted phishing attack!
Large communities like UMass Boston are juicy targets for cyber scammers, because time can be spent crafting a convincing con, then used on a large number of potential victims.Today’s Phishing Wall of Shame entry comes from Patty C., who trusted her gut, and protected herself.
This scammer did a pretty good job! They picked a realistic looking (though not technically real) email address and “spoofed” the From address. They also included a URL that looks legit, because it ends in “umb.edu/”, however this URL is also “spoofed”. Learn more about Email and URL Spoofing in a previous Wall of Shame entry.
IT Staff were able to investigate the spoofed URL in a secure way, and saw it directed to a form requesting the user enter their name and Library barcode. Trained IT Staff opened the file to take a picture, however you should avoid clicking a link in a suspicious email, because they could contain phishing attempts, malicious code, or illegal content and could cause harm to your computer. Here is peak what this link contained:
The page that loads looks exactly like the off-campus login page for EZ-Proxy! The scammer was able to match it very closely. If you had filled in this form with your email and password, your account would be in the hands of this scammer!
If you are suspicious of a link, website, or email, you can contact the IT department to ask if it may be a scam. Forward a copy of a suspicious email to abuse@umb.edu.
Always remember…
Don’t take the bait! IT will NEVER ask you for your password. Phishing emails attempt to deceive you into giving up your private information by leading you to fraudulent websites. Learn more at:
http://www.umb.edu/it/getting_services/security/phishing/
Hi John,
That example actually looks exactly like our off-campus login page for EZ proxy. The difference is only that it says
“Healey Library – Reactivation” (from what I can tell).
Can we edit the blog to explain that it DOES look very similar? I might see you before you see this message. Thanks