October 26, 2020

Important Phishing Alert – “IT HelpDesk (via Google Drive)”

A message from the IT Help Desk.

UMW Faculty and Staff,

Several faculty and staff have received emails from the sender “IT HelpDesk (via Google Drive)”

These are fraudulent phishing emails and should be deleted.

If you opened one of these emails and clicked on the link/document, you should contact the UMW Help Desk for assistance at helpdesk@umw.edu or 540-654-2255.

Here are some tips that will help protect you from phishing emails:

  • Beware of emails asking you to confirm, check, review, or provide information using an attachment; it may be a malware attachment. If you do not know the sender or were not expecting an email from the sender, do not trust the attachment.
  • Be suspicious of emails that create a sense of urgency. They often claim you will lose access to your account if you don’t click on a link and enter your NetID and password. Emails like this are trying to steal your account credentials. No legitimate organization will send you an email that tries to frighten you into clicking a link.
  • Beware of emails that appear to come from a trusted source, but the sender’s email address is not a UMW account, or it is the email address belongs to a person you don’t recognize, and you can’t verify their legitimacy. Always check the sender’s email address, not just their name, to make sure the address legitimate.
  • Be suspicious of emails that are poorly written and contain grammatical or spelling mistakes.

Thanks,

Mike Townes
Director of Information Technology Security/ISO
University of Mary Washington
(540) 654-2152
mtownes@umw.edu

COVID-19 Phishing Awareness Alert

To the campus community:

As we continue to address the rapidly evolving COVID-19 situation, the Information Security Office is alerting the UMW community to beware of phishing campaigns that exploit COVID-19 concerns. Scammers often take advantage of health scares to distribute phishing scams. The COVID-19 pandemic continues to spawn dozens of such campaigns, scaring recipients into clicking on malicious links or attachments in emails, text messages, or social media posts.

Don’t let the pandemic lower your guard. Phishing emails will still persist, even if the theme changes. Be on the lookout for the following:

  • Fabricated notices from health organizations (e.g., the CDC or local/state health departments)
  • Fake updates from an employer about policies or procedures to address the risk
  • Phony websites containing maps and dashboards
  • Information about protecting yourself, your children or your community that contain malicious links or attachments
  • Charitable appeals to help victims of the virus, which generally are not legitimate
  • Fake links to Zoom meetings

If an offer seems too good to be true or an email seems suspicious, feel free to forward the email to abuse@umw.edu.  IT Security will take a look at it for you.

Be safe.

Mike Townes
Director of Information Technology Security/ISO
University of Mary Washington
(540)-654-2152
mtownes@umw.edu