What is Phish?
A "Phish" email is a type of unsolicited email that is intended to trick you into replying and providing data to the sender (typically a password, banking information, or another type of personal data that can be used to steal resources).
What is this New Kind of Phish?
This past summer, several UMD accounts have received a new variant of Phish email.
This new kind of Phish likely leverages a previous data breach at a social media platform. For instance, LinkedIn had a data breach a few years ago and that could mean your old LinkedIn password (associated to your email account) might be available to someone. This doesn't mean any of your current accounts are necessarily at risk, but the author of the new Phish email uses this limited knowledge of you to pretend to have a lot more information about you in order to blackmail you into paying them. For further information visit Extortion Phish: Your Password is XXXX.
What Should You Do?
If you receive Phish email:
- Do not respond to the message.
- Do not share any information with the sender.
- Report it to ITSS.
Questions?
Please contact the ITSS TechCenter Help Desk with any questions.
- Email: [email protected]
- Phone: 218-726-8847
- Stop by: Kirby Plaza 165