Beware of phishing message with NYU Logo
There are new reports about a sophisticated phishing message that purports to come from "New York University email@example.com". The message claims that NYU "noticed recent changes on your Email Account" and requests that you click on an URL labeled "UPDATE" or else your account will be suspended. DO NOT click on the URL titled "Update".
You should NEVER CLICK ON SUSPICIOUS URLs from untrusted or unexpected sources. Instead, forward phishing messages as an attachment to our email filtering account firstname.lastname@example.org. Doing so trains our email filters to prevent such messages from arriving into inboxes.
Please note: It is very important to forward the message as an attachment, otherwise our email filters will not be able to parse through the message correctly.
As a reminder of better security practices, always remember that:
- No NYU community member will ever ask for your account password, especially not over email.
- Do not reply back to emails from unidentified, untrusted sources.
- Never click on links in suspicious emails
- Forward all phishing messages as an attachment to email@example.com. This helps train our email filters to block such messages in the future.
- Messages that request personal information over plaintext email should be regarded as being suspicious. If it is spam, forward it to firstname.lastname@example.org. If you are unsure about the legitimacy of a message, contact the ITS Client Services Center at email@example.com or 212-998-3333.
- If a message informs you of an impending "account closure" unless you comply with its demands, it is often a sign that the message is a phishing scam. Do not comply with its requests.
The following sites also provide several useful tips on defending against these types of phishing attacks:
- SOPHOS Best Practices - Phishing
- ScamWatch.Gov - See a Scam
- ScamWatch.Gov - How to Protect Yourself from a Scam
Example Phishing Message
[[NYU TORCH IMAGE APPEARS HERE IN MESSAGE]]
We noticed recent changes on your Email Account, we detected this out of newly installed software & hardware to improve our services and support your subscription.
Click here to confirm your UPDATE
We offer you a new convenient and Safe Webmail Services. Thank you.