CSIT has received a report of a new phishing scam which targets Office 365 accounts. While not yet widespread, this is a particular concern coming at a transitional period of the academic calendar and in an environment in which we are introducing a number of significant changes. Please be alert for this phishing scam as you begin your semester.
This phishing scam purports to originate from the “Office Email Center” and has the subject line “Your access will be denied”. It claims to be announcing a mandatory migration to a new “2018 Microsoft Office365 Web Portal”. After listing several features which it claims are available this new portal, the message directs all staff to migrate within 24 hours in order to avoid delays in email delivery. It then supplies a masked link to a site at which the recipient can begin the migration. In fact, the site is a screen scrape of the generic Microsoft Office 365 logon page and is a fraud designed to capture passwords entered by the unwary.
There are several clues that this is a fraudulent message. First, the message originates from an address outside the NWU domain. Second, the grammar of the message is (to put it kindly) suspect. Any official Microsoft announcement is much better crafted. Third, the linked web site, while similar to the Office 365 logon page, does not display the custom NWU background image as you are prompted for your password. The real Office 365 logon page for NWU displays a custom background image after you have entered your NWU email address. Also, of course, there is no 2018 Microsoft Office 365 Web Portal to which anyone can migrate.
As we begin the semester we can expect more phishing scam which target NWU user account information. Please be especially cautious responding to any email message claiming to provide directives regarding your NWU accounts during this period,