RIT Information Security Alert: Unusual Activity in your Webmail

RIT faculty and staff received an e-mail Friday afternoon claiming activity in your webmail. The email claimed that RIT had detected something unusual about your account and provides a Review button. A copy of the phish is provided below.

Sample Phishing Email

From: RIT webmail [mailto:lauram615@optimum.net]

Sent: Friday, February 24, 2017 3:33 OM

Subject: Unusual Activity in your Webmail

Dear User, 

We detected something unusual about your account. To help keep you safe, we require an extra security update.

As part of our Security Agreement we have place your email on "Limitation"

Review Here >

*to learn how alerts like this one help you to protect your webmail, visit School Help Center

 

How do I know this is a phishing attempt?

  • RIT doesn't send this type of email out.
  • RIT will never request password information through email.
  • The link embedded in the button goes to a non-RIT website.
  • The sending email is not an RIT email address.

 

What is RIT doing to protect me?

  • RIT contacted the university hosting the phishing site.

 

What can I do to protect myself?

RID RIT of the phishing attempt

  • Report the phishing attempt to spam@rit.edu and infosec@rit.edu
  • Inspect your computer if you clicked on the link by running a virus scan. (Change your password if you provided it.)
  • Delete the phishing attempt

 

For More Information

 

REMEMBER: RIT will NEVER ask for you password through e-mail.

 

Quick Infosec tip: Many of us use smartphones or tablets to check our RIT email. Although we can't hover our cursor over a link to see where the link goes, we can press on the link until we see the pop-up providing that information. We must be extremely cautious in clicking on links from our mobile devices.