On April 1, the ITS Security team identified a spear-phishing attack that targeted over 800 UNL email accounts. The subject line was titled, "You have 1 new Security Message”. The sender of the email was not UNL, but a compromised email account from George Mason University.
The link inside the email takes the user to a very authentic looking, but fraudulent MyRed login screen. This fraudulent login screen is designed to steal user credentials before transitioning the user back to UNL websites.
Recipients should delete this email. If a user has clicked on the link and entered their credentials, they should change their password immediately or contact the Computer Help Center, (402) 472-3970 or toll-free (866) 472-3970 or email mysupport@unl.edu.
The ITS security team has blocked access to the fraudulent site on the campus network-however the site can still be reached via off-campus internet connections.
As a reminder, faculty, staff and students should never click on or respond to any message that asks for credentials or personal information. UNL will never ask for individual login, password or other personal information via email. If you receive an email with hyperlinks, please hover over the link to determine if the link goes to a unl.edu domain or type the URL into a web browser manually.
ITS is grateful to the campus colleagues who were rightly suspicious of this email and reached out to our security and help center personnel with their concerns.
More about phishing at: http://its.unl.edu/phishingunl