It has come to our attention that the NYU List Team's administrative email address, firstname.lastname@example.org, is being used by various spammers to send out false account alert messages to list owners.
The "From" header of the message is:
The subject of the message is:
Subject: lists.nyu.edu account notification
The body of the message contains the (somewhat misspelled) text:
This e-mail was send by lists.nyu.edu to notify you that we have temporanly prevented access to your account.
We have reasons to beleive that your account may have been accessed by someone else.
Please click on the link below or copy and paste the URL into your browser:
As a reminder of better security practices, always remember that:
- No NYU community member will ever ask for your account password, especially not over email.
- Do not reply back to emails from unidentified, untrusted sources.
- Never click on links in suspicious emails, especially those directing you to change your password
- Forward all phishing messages as an attachment to email@example.com. This helps train our email filters to block such messages in the future.
- Messages that request personal information over plaintext email should be regarded as being suspicious. If it is spam, forward it to firstname.lastname@example.org. If you are unsure about the legitimacy of a message, contact the ITS Client Services Center at email@example.com or 212-998-3333.
- If a message informs you of an impending "account closure" unless you comply with its demands, it is often a sign that the message is a phishing scam. Do not comply with its requests.
If you have any questions about this information, please contact the NYU List Team at firstname.lastname@example.org.