RIT Information Security Alert: Important Security Notification Phishing Attempt

We’ve received a spear phishing attempt (a phish targeted at a specific population) claiming that there is a security emergency on campus. The email asks the reader to access a linked REPORT and follow protocol. If you encounter this phish, please just delete it.

Here’s the text from the phishing attempt:

--------------------------------

From: "Cullis, Barbara" <EMAIL ADDRESS>
Date: January 12, 2018 at 3:33:00 PM EST
To: Undisclosed recipients:;
Subject: Important Security Notification

Hello All,

There is a security emergency in Campus. Please go through REPORT released for update

and follow protocol.

---------------------------

What can I do to protect myself?

  • Be vigilant! Never respond to an email request for your username or password.
  • To check the validity of an email from ITS, contact the ITS Service Desk (5-4357)
  • Hover your cursor over the link to determine where it will take you.  If it’s to a non-RIT URL, don’t click on it.
  • To determine where a link goes when using a smartphone, press down on the link until the destination address appears. Don’t just click on the link.
  • If the email appears to come from RIT, but is asking for something outside a normal process or has an unexpected link or attachment, confirm with the sender that it’s legitimate.
  • NEVER give your password or any personal information out through e-mail.

 

RID RIT of phishing attempts

  • REPORT phishing attempts to spam@rit.edu and infosec@rit.edu
  • INSPECT your computer if you clicked on a suspicious link by running a virus scan. Change your password if you provided it.
  • DELETE the phishing attempt(s)