SECURITY ALERT: Phishing scam targets Office 365 accounts

We have received reports today of a new phishing scam which targets login credentials for Office 365 accounts.  While this particular scam does not appear to be especially widespread, it is well crafted and presented with enough care to make it plausible to casual inspection.

This new phishing scam arrives in an email message claiming to originate from "Security Team" with the Subject "Notification ID: PN88330, Action Required."  The body of the message claims that the recipient is required to update their Office 365 account into a encryption system as a security measure intended to protect their personal information.  The message includes two embedded links and invites those receiving the message to follow the links.

Closer inspection of the originating address will reveal that the actual address is neither from Microsoft nor an NWU account.  The links embedded in the message, if followed, lead to a screen scrape of the Microsoft Office 365 login page.  The static background image after entering a username into the page reveals that this is not actually the NWU login page, but a fake designed to capture any username and password data entered into it.

CSIT advises all NWU faculty, staff and students to use extrema caution in handling all incoming email message, but especially those which involve injunctions to take actions impacting your NWU accounts.