Share:

New email phishing message claims to be from Miami Human Resources

IT Services has received reports of a fraudulent email message that looks like it’s coming from the Human Resources department. The email is being sent from HR-info@MiamiOH.edu, but this is not a legitimate Miami email account.

The email informs recipients that they are being contacted by the “Human Resources Department” and instructs them to click a link to access a “private document.”

If you receive this email, please do not respond or click on any links within; just delete the message. This is common phishing practice to try to get recipients to click on fraudulent links and unknowingly download malicious programs to your machine, or steal personal data.

This phishing email is a perfect example of the work Duo is doing for us—the “click here” link takes users to a page that looks nearly identical to the Miami login screen. This, of course, is a clever front in order to record your login credentials. The cool thing about having Duo, though, is that even if someone were to get your login credentials through nefarious means like this, they still wouldn’t be able to access your account, because they don’t have your second factor (e.g., your smartphone or landline) that’s used to acquire the two-factor code.

If you receive a message that you suspect to be a phishing message, please forward the message to InfoSec@MiamiOH.edu. This allows the information security team to block sites that may be associated with phishing attacks. If you ever feel you may have responded to a fraudulent message or clicked a link in one, please contact IT Help immediately at 513-529-7900.

Want to learn more about phishing and how to keep yourself safe online? Check out our Information Security site for some informative resources and data points.

MiamiOH.edu/SecureIT