There are new reports about a sophisticated phishing message that purports to come from "IT Service Desk" or Ask_ITS@nyu.edu. The phishing message claims "NYU's web mail and Calendar Service have been updated," and instructs the recipient to click on a web link "for information and instructions on how to access your email." An adjacent URL takes victims to a malicious website that requests, amongst other things, the NetID and password. This message is a forgery and should be deleted immediately.
NYU community members should NEVER REPLY TO, OR CLICK ANY URL IN, an email that requests the recipient's e-mail login name and password.
As a reminder of better security practices:
- No NYU community member will ever ask for your account password, especially not over e-mail.
- Do not reply to e-mails from unidentified, untrusted sources.
- Messages that request personal information over plaintext email should be regarded as suspicious. If you are unsure about the legitimacy of a message, contact the IT Service Desk at AskITS@nyu.edu or 212-998-3333.
- Forward all phishing messages to email@example.com. This helps train our e-mail filters to block such messages in the future.
- If a message informs you of an impending "account closure" unless you comply with its demands, it is often a sign that the message is a phishing scam. Do not comply with its requests.
The following sites also provide several useful tips on defending against these types of phishing attacks:
- SOPHOS Best Practices - Phishing
- ScamWatch.Gov - See a Scam
- ScamWatch.Gov - How to Protect Yourself from a Scam
Example of phishing e-mail
Phishing e-mail Web Page (Notice the Free Web Hosting Advert on the Bottom Left)