BSOS Colleagues,

Since the start of the Fall semester, OACS has received multiple reports of suspicious emails coming from both University of Maryland email addresses and external email addresses asking the recipient to follow a link or view a document online. It has been confirmed via the Division of IT that University of Maryland community members have been targeted in a series of email phishing attacks designed to trick them into clicking fraudulent and nefarious links. After clicking an email attachment, the message recipient is then taken to a site that asks for his or her email address and password. If that information is supplied, the attacker then logs into the account to send more phishing messages to that person’s contact list.  

These attacks have been successful because the hackers have done an excellent job of making the emails appear innocuous. They are sent as invitations to commonly used Web services such as Google Docs, DocuSign, or Dropbox. Often the invitation includes a convincing name for the file being shared, and the emails will come from someone you know. It becomes like a chain reaction: the person who sent the message is a victim of the phishing attack as well. The attacker has already infiltrated that account and is sending further messages to continue collecting account information.

Signs of fraudulent messages include:

  • Typos or other grammatical errors in the email.
  • The link to the document does not point to the legitimate server (for example: docs.google.com, docusign.com) but to a link from a URL shortening service like bit.ly.
  • If you click the link, the website you access will not be the legitimate website (for example: docs.google.com) but will instead be a third-party website, often named with a long string of characters and hosted in a foreign domain (like dsfdsfdfvsdghes.ru).
  • The login page will not be a standard Google authentication page but instead will ask you to click the icon for your email servers and then offer a login prompt.

If you suspect a message may be a phishing email, or if you are unsure whether a message is legitimate, please forward the message to spam [at] umd [dot] edu for confirmation. You can also contact the OACS Help Desk at oacshelpdesk [at] umd [dot] edu or 301-405-7391, or the Division of IT Service Desk at itsc [at] umd [dot] edu or 301.405.1500.
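
The link-related signs listed above can be checked mechanically before anyone clicks. The following Python sketch is an added example, not part of the original OACS message; the allowlist, the shortener list, the function names and the sample email body are all constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed lists for illustration; extend them to match the services you use.
LEGIT = {"docs.google.com", "docusign.com", "dropbox.com"}
SHORTENERS = {"bit.ly"}

class LinkCollector(HTMLParser):
    """Collects [href, visible text] for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_endtag(self, tag):
        if tag == "a":
            self._open = False
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data

def is_legit(host):
    # Exact match or true subdomain only, so "docs.google.com.evil.example" fails.
    return any(host == d or host.endswith("." + d) for d in LEGIT)

def check_link(href, text):
    host = (urlsplit(href).hostname or "").lower().rstrip(".")
    findings = []
    if host in SHORTENERS:
        findings.append("shortener")        # real destination is hidden
    elif not is_legit(host):
        findings.append("unexpected-host")  # not one of the expected services
    # Visible text names a legitimate service but the link goes elsewhere.
    if any(d in text.lower() for d in LEGIT) and not is_legit(host):
        findings.append("text-mismatch")
    return findings

def scan(html_body):
    parser = LinkCollector()
    parser.feed(html_body)
    return {href: check_link(href, text) for href, text in parser.links}

# Constructed sample body (not a real message).
SAMPLE = ('<p>Jane shared "Budget_FY.docx" with you.</p>'
          '<a href="http://bit.ly/EXAMPLE">Open in Google Docs</a> '
          '<a href="http://dsfdsfdfvsdghes.ru/login">https://docs.google.com/document/d/1</a> '
          '<a href="https://docs.google.com/document/d/1">View</a>')

if __name__ == "__main__":
    print(scan(SAMPLE))
```

An empty findings list only means the link target matches an expected service; it does not prove the message is legitimate, since a compromised colleague's account can share a real document link.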