SECURITY ALERT: New Phishing Scam


CSIT has been alerted to several instances of a new phishing scam which targets recipients' Office 365 credentials.  While we do not yet know how widespread this particular phishing scam is, it is deceptive and sophisticated enough to warrant a special alert to our faculty, staff and students.

This particular scam is disguised as an email message from "Security Notification".  It addresses the recipient of the email by their username and pretends to be a response to a request for a reset to their Office 365 password.  The trick is that the scam reverses the normal prompt for action of legitimate password reset messages.  That is, it invites the recipient to ignore the message if they did request a password reset, but to respond - by following an embedded link in the message - if they did NOT make the request.  The supposed purpose of following the embedded link is "to void the password reset request".

The message is completely fraudulent and the embedded link leads to a site which has no connection to either Microsoft or to the NWU Office 365 tenancy.  However, unlike many phishing scams, this one is carefully crafted and might escape detection on a casual inspection.  Our more thoughtful email users might note, however, the fundamental flaw in the phishing scam's "come on", specifically that no password reset routine would email a password reset message to the same email account for which the reset is being requested.

As always, please use extreme caution when handling all email messages, but especially those purporting to concern the security of your online accounts.
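For mail administrators, the three traits described above (the "Security Notification" display name, the reversed prompt, and a link that leads away from Microsoft and the tenancy) can be checked mechanically. The following is an added example, not code from CSIT or Microsoft; the trusted-domain list, the `tenant.example` placeholder and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains a genuine Office 365 reset link could point to.
# "tenant.example" is a placeholder for your organisation's own domain.
TRUSTED = ("microsoft.com", "microsoftonline.com", "office.com", "tenant.example")
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)
# Reversed prompt: one sentence saying "did NOT request" and asking for action.
REVERSED = re.compile(
    r"did\s*(?:not|n't)\s+(?:make|request)\b[^.]{0,150}?\b(?:click|follow|void|cancel)\b",
    re.I)

def untrusted_hosts(body):
    """Return link hosts that are not a trusted domain or a subdomain of one."""
    hosts = set()
    for url in URL.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if not any(host == d or host.endswith("." + d) for d in TRUSTED):
            hosts.add(host)
    return sorted(hosts)

def findings(raw):
    """List the traits of this lure found in a single-part plain-text message."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    name, _ = parseaddr(msg.get("From", ""))
    found = []
    if name.strip().lower() == "security notification":
        found.append("display name")
    if re.search(r"password\s+reset", body, re.I) and REVERSED.search(body):
        found.append("reversed prompt")
    if untrusted_hosts(body):
        found.append("untrusted link")
    return found

# Constructed samples, not captured messages.
LURE = ('From: "Security Notification" <noreply@reset-portal.invalid>\n'
        "Subject: Password reset\n\n"
        "Hello jdoe, we received a request to reset your Office 365 password. "
        "If you made this request, ignore this message. If you did NOT make "
        "this request, follow this link to void the password reset request: "
        "http://reset-portal.invalid/void?u=jdoe\n")
BENIGN = ('From: "Microsoft account team" <noreply@microsoft.com>\n'
          "Subject: Password reset\n\n"
          "Use https://login.microsoftonline.com/reset to finish your password "
          "reset. If you did not request this, you can ignore this email.\n")
```

The host check compares whole domain labels, so a look-alike such as `login.microsoftonline.com.evil.invalid` is still reported as untrusted.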