There are new reports about a sophisticated phishing message that purports to come from "WEBMASTER" or "NYU WEBMASTER". The phishing message claims that NYU has "decide[d] to upgrade our NYU.EDU database to guard and attack against spam database" and that "you are expected to CLICK HERE and fill in the account verification form as required and we shall upgrade your account.". The link then takes you to a Google doc that requests, amongst other things, your current email address, NetID and NYU password. This message is a forgery and should be deleted immediately.
NYU community members should NEVER REPLY TO OR CLICK ANY URL in an email that requests the recipient's email login name and password. Instead, forward phishing messages as an attachment to our email filtering account email@example.com. Doing so trains our email filters to prevent such types of spam from arriving into inboxes.
Please note: It is very important to forward the message as an attachment, otherwise our email filters will not be able to parse through the message correctly.
As a reminder of better security practices, always remember that:
- No NYU community member will ever ask for your account password, especially not over email.
- Do not reply back to emails from unidentified, untrusted sources.
- Forward all phishing messages as an attachment to firstname.lastname@example.org. This helps train our email filters to block such messages in the future.
- Messages that request personal information over plaintext email should be regarded as being suspicious. If it is spam, forward it to email@example.com. If you are unsure about the legitimacy of a message, contact the ITS Client Services Center at firstname.lastname@example.org or 212-998-3333.
- If a message informs you of an impending "account closure" unless you comply with its demands, it is often a sign that the message is a phishing scam. Do not comply with its requests.
The following sites also provide several useful tips on defending against these types of phishing attacks:
- SOPHOS Best Practices - Phishing
- ScamWatch.Gov - See a Scam
- ScamWatch.Gov - How to Protect Yourself from a Scam
Example Phishing Message
Dear Account User,
Due to the high rate of spam and unsoliticited bulk emails, our users
received daily on our google account database, we have decide to upgrade our
database. We have equiped our database to high spam detector and we would be
performing high quarantine services regularly on all accounts, you are
expected to CLICK
HERE [link redacted] and
fill in the account verification form as required and we shall upgrade
Thanks for your anticipated cooperation,