On November 7, 2016, a new fraudulent phishing message with the subject “Helpdesk Email” began targeting UMass Amherst list servs. The email is appears to have been sent by “Thomas Denoncourt” and contains a link for validating your email account.

Caution: This email did not come from UMass Amherst or UMass Amherst IT. It is a phishing scam designed to trick you into providing personal information for fraudulent purposes.

Do not respond to the fraudulent message or click the link! Responding or clicking the link in the message may put your information and the university’s information and systems at risk.

---

When receiving suspicious messages or messages from unknown senders, we recommend that you:

• Check before you click: If you are unsure of a link in an email or on a web page, hover over the link with your cursor to see where the link goes. If the link does not go to a trusted URL, do not click!
• Verify the identity of anyone who requests your personal information. Never provide your IT Account, password, or other personal information in response to an email or on an untrusted site or form.
• Report these messages to itprotect@umass.edu.

---

If you have already responded to this message:

• Change your IT Account password. 
• Contact IT User Services (413-545-9400) during business hours (M-F, 8:30 a.m. - 5:00 p.m.).

Learn more about phishing attacks and how to avoid getting caught: 

• Phishing: Fraudulent Emails, Text Messages & Phone Calls
• Protect Yourself Against Phishing & Identity Theft

---

Phishing Email