On November 18, 2016, a new fraudulent spear phishing message with the subject “Urgent” began targeting UMass Amherst campus community members.
What is spear phishing?
More sophisticated attacks, known as spear phishing, are personalized messages from scammers posing as people or institutions that you trust. They often collect identifiable information about you from social media or the compromised account of someone you know to make their messages more convincing. Never transmit sensitive information over email or social media, even if the message requesting information appears to be legitimate.
Caution: This email did not come from UMass Amherst or UMass Amherst IT. It is a phishing scam designed to trick you into providing personal information for fraudulent purposes.
Do not respond to the fraudulent message! Responding to the message may put your information and the university’s information and systems at risk.
When receiving suspicious messages or messages from unknown senders, we recommend that you:
- Verify the identity of anyone who requests your personal information. Never provide financial data or other personal information in response to an email or on an untrusted site or form.
- Report these messages to firstname.lastname@example.org.
If you have already responded to this message:
- Change your IT Account password.
- Contact IT User Services (413-545-9400) during business hours (M-F, 8:30 a.m. - 5:00 p.m.).
Learn more about phishing attacks and how to avoid getting caught:
- Phishing: Fraudulent Emails, Text Messages & Phone Calls
- Protect Yourself Against Phishing & Identity Theft
- See the Lastest Phishing Scams on Campus