Security Tip: May 2023

The UMN's Twin Cities Office Information Technology (OIT), explains in the resource Recognize and Report Email Scams:

Email scams are a common method to trick you into visiting a fraudulent website, opening an infected document, or logging in to "validate your email account."

Challenge

The IRS needs your information now! A friend or colleague shared a document with you! Your account will be shut off! Is the email real? How do you know?

Email scams (known as phishing) are a common method to trick you into visiting a fraudulent website, opening an infected document, or logging in to "validate your email account." These emails, websites, documents, or login pages may be obviously fraudulent, or may look exactly like the University's login page. Higher education institutions are popular targets for these scams.

Solutions

Take Immediate Action If You Think You Are a Victim

• Change your University Internet password and account secrets immediately on the Internet Account Options page if you:
  • Approved a Duo push that you did not initiate—report this to [email protected].
  • Responded to a scam email with your personal information or clicked on a link.
• If you opened an attached file or shared document, your files, identity, personal information, or the University's data may be at risk. Contact Technology Help staff.
• Visit identitytheft.gov to learn about immediate protective actions you can take.

Recognize Scams

• Emails that come from official-sounding senders like "UMN Edu Team," "Service," "HelpDesk," "Customer Service," or even a colleague, professor, or friend.
• You receive a Duo push request or call that you did not initiate, or that you initiated by clicking a link in an email rather than on the official University Duo Security page. 
• Messages that include threats of dire consequences if you don't act quickly. For instance, if you are asked to pay ransom to access your data.
• You see links to a login page that may or may not look exactly like the University's login page but the web address does not end in .umn.edu or may be shortened by services like TinyURL.
• Messages that may ask you to open a shared document you may or may not be expecting, may ask you to bypass policy/procedures, or ask you not to tell anyone.
• Learn to recognize the difference between a fake and official University Google login page. 
• Learn what to do with SPAM-unsolicited commercial email.

What Not to Do

• DO NOT give your passwords and other sensitive information to an unverified party online, over the phone, or in person.
• DO NOT approve a Duo push or enter Duo bypass codes that you did not initiate.
• DO NOT click any links contained in the message.
• DO NOT open any attached files or shared documents.
• DO NOT provide personal information such as passwords in a reply to an email.
• DO NOT submit passwords through Google Forms.
• DO NOT violate policy.

Report Email Scams

• Check the examples on the Phishing Scams Targeting the University blog.
• If in doubt, reach out! Ask for a second opinion. Forward the original text of scam email to [email protected] (include email headers if possible).
• The report in Gmail (select the "Report spam" button or "More" and then "Report phishing" option; this helps to educate Google).

Related Resources:

• Practice Safe Computing
• Information Security Awareness Topics
• University IT Policies:
  • Information Security
  • Acceptable Use of Information Technology Resources
  • Information Security Standards
• Learn how to report information security issues.