RIT Information Security Alert—Payroll message! Phish

Why am I receiving this message?

Many RIT faculty, staff, and students have received an email masquerading as an important message regarding 2017 payroll.

Sample Phishing Email

-----------------------------------------

From: myRIT <Sender email address>
Date: Mon, June 26, 2017 at 6:06 PM
Subject: Payroll message!
To: recipient email address

1 New Notification Regarding Your 2017 Payroll

http://www.rit.edu/h/payroll/2017/f0rms.pdf <The original link goes to a page that looks like an RIT login page. We’ve replaced it.>

University of Florida.

-----------------------------------------

How do I know this is a phishing attempt?

  • RIT doesn’t send this type of email out.
  • RIT will never request password information through email.
  • The link went to a non-RIT website. (We’ve changed the link.)
  • Why would you be receiving a payroll message from the University of Florida?

What is RIT doing to protect me?

  • RIT is working to block the phishing site.

What can I do to protect myself?

RID RIT of the phishing attempt

  • REPORT the phishing attempt to spam@rit.edu and infosec@rit.edu
  • INSPECT your computer if you clicked on the link by running a virus scan. (Change your password if you provided it.)
  • DELETE the phishing attempt

For More Information

REMEMBER: RIT will NEVER ask for your password through e-mail.

Quick Infosec Tip: Do you know how to back up your information? Visit https://www.rit.edu/security/content/backing-your-data for recommendations.

Reminder: The RIT Information Security Policies and Standards are designed to help keep RIT and the RIT community safe from cybersecurity threats. http://www.rit.edu/security/content/intro-policies-standards