Search Google Appliance

Information Technology

Security Alert! New Phishing Scams Target UMass Amherst Community - Wed., 11/08

November 8, 2017

On November 8, 2017, a new fraudulent phishing message with the subject "UMAS Information Technology" began targeting UMass Amherst email users. 

The email appears to have been sent by “” notifies the recipient “We have upgraded vpn client software, please click the login button to reactivate your UMASS SSL VPN Service access,” and contains a button link labeled “Sign In.” The link in the message directs the user to a fraudulent version of the UMass Amherst VPN login page.

Caution: This email did not come from the University of Massachusetts. It is a phishing scam designed to trick you into providing your NetID password to get access to your personal information and/or UMass information technology services for fraudulent purposes. 

Do not respond to the fraudulent message or click the link! Responding or clicking the link in the message may put your information and the university's information and systems at risk. 

If you have already responded to the message, change your IT Account password in SPIRE immediately. 

For more information about this phishing scam or to learn more about what you can do to protect yourself, see the News section of the UMass Amherst IT website. Please report suspicious messages to

When receiving suspicious messages or messages from unknown senders, we recommend that you:

  • Verify the identity of anyone who requests your personal information. Never provide financial data or other personal information in response to an email or on an untrusted site or form.
  • Report these messages to

Learn more about phishing attacks and how to avoid getting caught: 

Phishing message:

Screenshot of email message. The message comes from a non-umass address, but claims to be UMass Amherst. There is a link in the message which does not show the address.

The link button in the message leads to a fraudulent version of the UMass Amherst VPN login page:

Screenshot of fake UMass SSL login screen. The web address is shown and is not a trusted UMass address.