SECURITY ALERT: New widespread phishing scam

As our new semester begins, CSIT is receiving reports of a widespread new phishing scam reaching NWU user Inboxes.  Some details of this particular scam are included below.  Please be alert for this - as well as other - phishing scams as we move through this transitional period.

The latest phishing scam pretends to be from "Support" and has the Subject line "Resources Center".  In fact, the actual sender is typically a spoofed email account or a compromised email account.  The substance of the message is the claim that the email recipient has messages from the Human Resources Department waiting from them and it provides a link to the site at which the messages may be retrieved.  If you were to click on the link (PLEASE DON'T), you will be taken to a web page which is a screen scrap of the Microsoft Office 365 logon page.  It is, of course, not the real Office 365 logon page, but rather a fake designed to capture the usernames and passwords of those who attempt to logon.

If you have received a message like the one described above, please delete it immediately.  If you have receive a message like the one described above and have already followed the embedded link in the message AND entered your credentials on the fake logon page, your NWU account has been compromised.  In that case, please notify CSIT and immediately change both your NWU Office 365 password and your NWU password.  To make a report or to get help with changing your passwords, please contact the CSIT Office at 402-465-2341.