The UW–Madison Office of Cybersecurity is aware of an active phishing campaign on campus in which the attacker impersonates a UW–Madison Information Technology service unit. See the screenshot below.
The campaign’s email messages ask recipients to click a link to update their email account. The emails are similar to those sent in another phishing campaign, reported in April of this year, differing most visibly in that the salutation in this example addresses students as well as faculty and staff.
NOTE: The most recently reported phishing emails like this example were sent over the weekend of June 19, but such attacks can occur at any time. Please be on the lookout.
Dear Faculty, Staff & Students,
Your UW Madison Email account information needs to be updated in the database system to avoid deactivation.
Click Update Email Account to update
University of Wisconsin-Madison
IT Help Desk
How can I identify this phishing attempt?
- Be on alert for an email purporting to be from “IT Help Desk.” It includes a request to click a link to either either verify your email address or update your email account.
- The email contains a link to a website that doesn’t have a wisc.edu domain.
- The email links to a fake web portal login screen.
What should I do if I receive this phishing attempt?
Use the option in Outlook to “Report a Phish” and it will be deleted from your inbox. For more details, see Office 365 – Submit a message as spam/phishing (Source: KB 45051)
What should I do if I accidentally clicked one of the fake portal links?
Immediately change your NetID password by following the instructions in NetID: Changing a Password (Source: KB 20589).
How can I learn how to recognize other phishing attempts?
Go to Learn how to recognize and report phishing (Source: it.wisc.edu).
Stay updated on phishing attempts by visiting our Scam alerts page (Source: it.wisc.edu)
If you are ever unsure whether an email message is legitimate, do not respond to it. Contact the DoIT Help Desk at https://kb.wisc.edu/helpdesk/ or at 608.264.4357 for advice. The UW–Madison Office of Cybersecurity will then block the criminal element from sending further emails and gather evidence for eventual prosecution of the crime.