The UW–Madison Office of Cybersecurity is aware of active phishing campaigns on campus in which the attacker impersonates Chancellor Rebecca Blank. The email message asks recipients if they’re available and includes a linked image that cannot be displayed. See the included text below.
From: firstname.lastname@example.org <email@example.com>
Date: Tuesday, August 31, 2021 4:13 PM
To: COVID-19 Response <firstname.lastname@example.org>
Are you available?
Rebecca M. Blank
The most recent phishing emails that look like this example were sent on the afternoon of Tuesday, August 31, but such attacks can occur at any time. Please be on the lookout for such scams. You can recognize them in the following ways:
- Hover over links, without clicking them. Most email clients, including Outlook and O365 online will show the destination URL. In this case, the URL is clearly not associated with the University.
- Inspect URLs closely. Some scammers will try tricking you out by including relevant sounding keywords like the name of the company they’re impersonating – look at the whole URL to make sure it includes a legitimate domain name in the correct placement, e.g., “wisc.edu.”
- If in doubt, don’t click the link but browse directly to the legitimate, relevant website and look for confirmation of the email message.
What should I do if I accidentally clicked the link?
Immediately change your NetID password by following the instructions in NetID: Changing a Password (Source: KB 20589).
Reporting a phishing campaign
Finally, if you suspect a phishing campaign, please report it! The best way to report spam and phishing attempts is with Outlook’s built-in reporting options. Get detailed instructions here.