MU Information Security Alert


A number of fradulent emails have been circulating with various subjects and @live.marshall.edu senders, all with message bodies looking similar to the image below.  Many accounts are continuing to be compromised. Please DO NOT CLICK any links in messages which look similar to the image below, or any other messages before verifying the sender, verifying the URL, and ensuring you expect the message and that it is legitimate.

IF YOU HAVE ALREADY CLICKED A LINK IN A MESSAGE SIMILAR TO THE ONE ABOVE, CHANGE YOUR PASSWORD AS SOON AS POSSIBLE and contact the IT Service Desk at (304)696-3200. 

 

IF YOU RECEIVE A FRAUDULENT EMAIL MESSAGE, WE ASK YOU TAKE THE FOLLOWING ACTION(s):

  1. (Optional) Report a suspicious email message sent to your @marshall.edu email address by forwarding the message to phishing@marshall.edu. You will receive an auto-reply confirming receipt of the message as well as additional instructions.
  2. Delete the message from your inbox.
  3. As long as you did not attempt to open the attachment, reply/click on the web link, or provide any personal information, no additional action is needed; however…
  4. If you attempted to open an attachment or visited a website where you submitted your username, password or other sensitive information, you should immediately contact the Marshall IT Service Desk at (304) 696-3200 / itservicedesk@marshall.edu.

 

Security Tip: Use of the ‘Skeptical Hover Technique’ Most email applications allow you to simply hover your mouse – without clicking – over an embedded web link to preview where the hidden link will try to send you if you should click it.

 

ALWAYS be suspicious of any unexpected email messages (regardless of the source) which include file attachments,  web URL’s, or are written with a sense of urgency that you must provide computer passwords or reveal personal financial information.

 

Phishing Scams and Compromised Accounts – What Should I Do?

https://www.marshall.edu/it/departments/information-security/compromise/

 

InfoSec Tips #7: Don’t Be Tricked

http://www.marshall.edu/it/training/infosec-tips-7/

 

Thank you for your continued awareness,