RIT Information Security Alert: Phishing Attacks Targeting RIT
1. RIT community members are receiving requests to provide University Identification Numbers (UIDs). The attackers are posing as RIT community members who have forgotten their UIDs. The messages are being sent from external email addresses that mimic RIT email addresses. (For example, STUDENTADDRESS@gmail.com instead of STUDENTADDRESS@rit.edu.) Here’s an example of an attack message received:
2. RIT community members are receiving messages purportedly from RIT that provide a "Subscribe now" link to the Tiger's Tale Newsletter. The link provided in the email goes to a website hosted on Yolasite, which has a reputation for hosting scam sites.
Here’s an example of an attack message received. Note that although the From field says Rochester Institute of Technology, the associated email address is not an RIT address. If you were to move your cursor over the "Subscribe now" link, you would see that the link goes to a non-RIT website:
What RIT is doing to protect you:
- The ITS Service Desk will require proof of identity before resetting passwords over the phone. RIT community members are encouraged to use the automated password reset feature on start.rit.edu when resetting passwords.
- RIT is working to identify and block the emails from reaching their intended recipients.
- myMail.rit.edu has not been compromised.
- Antivirus software with up-to-date virus definitions will protect against viruses and many other threats that may be associated with phishing emails. (McAfee Antivirus software is available free to RIT students, faculty, and staff for home use from http://www.rit.edu/its/.)
- MySpam MAY block many of these phishing e-mails. However, this is a highly targeted attack and spam filters may be less effective.
What you can do to protect yourself:
- Protecting yourself from phishing attacks depends on your vigilance.
- If someone asks you for confidential information such as a University Identification Number (UID), DO NOT provide the information.
- If you receive an email requesting you to furnish a “forgotten” UID or other confidential information, send a copy of the email to email@example.com.
- Check the sender's email address and hover your cursor over the link in the email to find out where the link really goes. For example, here's the link to the real Tiger's Tale Newsletter. Hover your cursor over the link to determine where it really goes.
- NEVER RESPOND TO A REQUEST FOR YOUR PASSWORD sent by e-mail, even if the request appears legitimate. RIT will NEVER ask for your password through e-mail.
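The sender and link checks described above can also be run over a raw message. This is an added example, not code from RIT: it flags a sender outside rit.edu that claims to be RIT or reuses a known mailbox name, and lists links whose real destination is not an RIT host. The function names, the `known_users` set, and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "rit.edu"  # only domain treated as RIT's (assumption of this sketch)
CLAIMS_RIT = re.compile(r"\brit\b|rochester institute of technology", re.I)

def is_rit(host):
    host = (host or "").lower().rstrip(".")
    return host == TRUSTED or host.endswith("." + TRUSTED)

class Links(HTMLParser):  # collects (visible text, href) for every <a> element
    def __init__(self):
        super().__init__()
        self.found, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.found.append(("".join(self._text).strip(), self._href))
            self._href = None

def check_message(raw, known_users=frozenset()):
    """Return findings; known_users is a hypothetical set of real RIT mailbox names."""
    msg = message_from_string(raw, policy=policy.default)
    sender = msg["From"].addresses[0]
    findings = []
    if not is_rit(sender.domain):
        if CLAIMS_RIT.search(sender.display_name):
            findings.append(f"display name claims RIT, address is @{sender.domain}")
        if sender.username.lower() in known_users:
            findings.append(f"{sender.addr_spec} mimics an RIT mailbox name")
    body = msg.get_body(preferencelist=("html",))
    parser = Links()
    parser.feed(body.get_content() if body is not None else "")
    for text, href in parser.found:  # what hovering over each link would reveal
        host = urlsplit(href).hostname
        if host and not is_rit(host):
            findings.append(f"link '{text}' goes to non-RIT host {host}")
    return findings

# Constructed sample, not one of the real attack messages.
SAMPLE = ("From: Rochester Institute of Technology <news@mailer.example.net>\n"
          "Content-Type: text/html\n\n"
          '<a href="http://newsletter.example.org/join">Subscribe now</a>\n')
```

Calling `check_message(SAMPLE)` returns one finding for the display-name mismatch and one for the off-domain link; a message sent from an rit.edu address with only RIT links returns an empty list.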
For more information:
- RIT Information Security Phishing Page <http://www.rit.edu/security/>