SECURITY ALERT: New phishing scam mixing document transmission, account security

CSIT is receiving reports of a new phishing scam which combines elements of two previous scams.  The new phishing scam appears to be widely distributed to NWU mailboxes.

The phishing message originates from a compromised NWU account and, so, may appear somewhat more legitimate.  The subject line of the scam message is “Document Pending” and the body of the message claims that the recipient’s incoming email and documents have been “placed on hold” due to “resent spam activities.”  The message provides an embedded link with the label “Verify Now” and encourages the recipient to follow the link to verify their account.  It is signed “NEBRWESLEYANweb-services.”

The link leads to a fraudulent web page presenting itself as affiliated with NWU and prompting of a logon using your “Web Express” credentials.  If you have already followed this link in the message AND entered your NWU account credentials, then you have compromised the security of your NWU account. 

Should you received such a message in your NWU mailbox, please delete it and do not follow the embedded URL.  Please change your account passwords immediately.  Contact  the CSIT helpdesk (Smith-Curtis 109) or x7777 if you need assistance.