SECURITY ALERT: Phishing scam targeting Office 365 credentials


CSIT has received several reports of a new phishing scam reaching NWU mailboxes this morning.  While this particular scam is not as sophisticated as many we have seen recently, the frequency of the reports prompted this warning.

The new phishing scam presents itself as an email message from either "Suzi Ogden (sogden [at]" or info [at], depending upon the information displayed by your email client software.  The subject of the message is "re: Microsoft account team".  The substance of the scam is the message's claim that the recipient's account is set to expire on 5/29/18 and advising that you must submit your username and password prior to that date to avoid being denied access.  The message includes a link to a completely fraudulent web site which solicits your username, email address and password.

Needless to say, the message has originated from a compromised or spoofed email address which is in no way connected to the administration of the NWU Office 365 tenancy.  There is no truth to the assertion of the message the your Office 365 account is subject to expiration.  The web site to which the message directs you is a fraud, belonging to neither NWU nor to Microsoft and is intended solely to harvest the credentials of the unwary.

Please be alert to this and other phishing scams.  Be especially cautious about following links embedded in messages you receive, particularly when you are not familiar with the sender of the message and/or not expecting the message.