New email phishing attack hits close to home

by Randy Hollowell, information technology services

Email messages from compromised Miami accounts are currently making the rounds, and these new phishing scams are affecting Miami faculty, staff and students. 

Phishers will try and exploit the fact that you trust people that you know. When they compromise one account, they will often send messages to people who are in the address book of that person. They hope recipients will follow the instructions because they trust the sender.

If you receive a suspicious message from someone you know, follow up with them by phone or by text to make sure they sent it. If they didn't, you should delete the message, and they should immediately change their password.

An example of a possible message could look like this:

Hi,
How are you today, view the documents i uploaded for you via Google docs
View Document»
Best Regards,
Joe Public

If you receive a message that you suspect to be a phishing message, please forward the message to InfoSec@MiamiOH.edu.  This allows the information security team to lock out the compromised account. This minimizes the number of phishing messages sent by compromised Miami users. 

If you have already responded to one or more of these messages or clicked a link, please contact the IT services support desk immediately at 513-529-7900 or ITHelp@MiamiOH.edu. 

Also, visit the IT Services Gone Phishing page for more information about how to protect yourself.