The University of Michigan IT Security Community has been seeing a flurry of fraudulent emails recently.
The emails have subject lines like these:
- A Police Security Emergency
- UMICH INFO: Campus Emergency Announcement
- BREAKING: Emergency Situation on Campus
- BREAKING: Campus Security Emergency
- Security Notification Concern on Campus
- UMICH ALERT: Emergency Situation on Campus
The emails include a link to a fake Weblogin page to provide more information about the supposed emergency. If a user clicks the link in the fake message, they are directed to a fake Weblogin page. If they provide their uniqname and password, these are stolen. Information Assurance (IA) is blocking the fake Weblogin sites as soon as it discovers them.
Tips for protecting yourself
This scam presents an opportunity to once again share with users in your units these tips for protecting yourself from these and other fraudulent emails:
- Look carefully at all links in emails before clicking. If you aren't sure a link is legitimate and safe, don't click.
- If the URL doesn't look right, don't click it! The URL in the recent emails, for example, is clearly not a U-M web address.
- Look before you log in. It is common for attackers to set up fake login sites. Always check the URL before providing your password.
- Check the phishing alerts on Safe Computing. IA staff members post phishing and other malicious emails reported to them by members of the U-M community. Check to see if the email you received is posted there.
- Hover over links in emails with your mouse to see the actual destination. Most email programs show the URL in the bottom left corner of the window when you hover over a link. Check whether the URL matches the link in message text. If the message claims to be about the university, look to see if the URL looks like other university URLs you are familiar with.
- Double check. If you are suspicious of a link or attachment, don't click. Check with the sender by phone or in person to see if they actually sent the message.
- Learn more about fraudulent emails at Phishing & Suspicious Email.
- If you receive an email you believe is fraudulent, forward it to ReportPhish@umich.edu.