RIT Information Security Alert: Your Password Will Expire Soon Phishing Attacks
If you've received a message with the Subject Line: Your password will expire soon or a similar email, please delete it. The message itself reads: Click here to proceed with your Email update.
How do you know this is a phishing attempt?
- ITS does not send out emails with links to update your password.
- You'll note that the link included in the email does not link to an RIT address; it's on "altervista". (We've removed the link from this example.)
- The phish uses a common technique of trying to impart a sense of urgency and trying to get you to supply the requested information quickly.
- For more information about Phishing, please visit the RIT Information Security Phishing page.
What RIT is doing
RIT is working to block the phishing/malware attacks from reaching RIT e-mail accounts.
- myMail.rit.edu has not been compromised.
- SentinelOne Endpoint Protection with up-to-date virus definitions will protect against viruses and many other threats that may be associated with phishing emails. (Antivirus software is available free to RIT students, faculty, and staff for home use from http://www.rit.edu/its/services/security/).
- MySpam will block many of these phishing e-mails. However, senders actively modify messages to avoid spam traps like Brightmail, and that allows a few to slip through.
What you can do
- Delete the e-mail. If you clicked on the link, change your password NOW, scan your systems for viruses and spyware and report the situation to your Help Desk (SCOB, NTID, ITS).
- Visit the RIT Information Security Phishing page at http://www.rit.edu/security/content/phishing for information on keeping yourself safe from phishing attempts.