As many of you know, it is not normally ITS’s practice to respond or warn the community via email of every scam that comes into our email accounts. Thousands of phishing messages are sent into our domains on a daily basis and it just is not practical to respond to each. However, this most recent communication (as shown in the screen print below) has raised a lot of questions for many since some UDM terminology is included.
This is not uncommon for spammers to attempt to phish your details by stating something that sounds legit.
In this case though, many of you probably realized the following tipoff’s that this is not legit.
1. Though the from address displayed firstname.lastname@example.org, the actual address was for someone at pdx.edu. (This is likely a compromised account that the spammers have access to.
2. You know that 99% of all accounts have been migrated off of TitanConnect email and are now on Office 365. References to TitanConnect mail are outdated.
3. The grammatical errors throughout the message are not charactistic of the good quality English courses the ITS staff passed when working through our degrees.
4. We reference TitanConnect as one word, not two separate words.
5. We would never state a date of Monday 29th. That does not read well.
6. ITS clearly never requests passwords from users.
7. ITS does not need the other information; we already have this information stored in our systems.
8. The phone directory will reveal we have no one by the name of Savannah on the ITS staff
9. We don’t reference the University’s name with a © symbol in the name.
10. The ITS department name is not Information Systems Dept by Information Technology Services.
If you received the message below and fell for it, please log in and change your passwords immediately.
If you find that you are now locked out of your account, you may be able to use the Forgot Password feature to still reset your passwords to something only you know.
If the Forgot Password features are not working for you, you will need to contact the Helpdesk tomorrow after 8:30 am to have your accounts manually reset.
ITS has increased its communications to the udm-its.blogspot.com blog with respect to phishing messages. You can always check there first to see if ITS is aware of the message or not.
Please continue to practice safe computer to the best of your ability.