Before 10:00 a.m. this morning, reports from four of UD’s colleges came in about a scam addressed to individual UD faculty members, requesting that the faculty member share one of his or her articles with the alleged sender. The link provided in the email leads to a fake website designed to steal UD credentials. A sample of this message is listed below:

Faculty phishing scam

The faculty member who received this message did not fall for this scam. He forwarded it to his college’s IT staff. Some other faculty members did fall for this scam and clicked the link to the fake website, a copy of the UD CAS login screen. But as this excerpt from a screenshot of the fake page indicates,

  • the URL is not that of a secured site. How would you know? The URL does not begin with https. All UD login screens indicate that they are secured by beginning with https.
  • the URL is not a valid udel.edu URL. It’s a phony one that begins like a valid udel.edu URL, then transforms the “udel.edu” part to “udel.edud.in”!
The two arrows point to telltale signs that this page is a scammed copy of a UD login screen.

All faculty like to know their research is appreciated. The versions of this phishing scam that we have seen so far are using the names of faculty at Concordia University or the University of Alberta.

This scam may work if recipients are not vigilant. The URLs in the message and on the fake landing page are the major clues that this email is a scam.
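The two URL checks described above can be automated, for example in a mail filter or a help-desk triage script. The following is an added example, not code from UD IT; the function names and the sample URLs are constructed for illustration (only "udel.edu" and the "udel.edud.in" ending come from this advisory). It shows why searching a link for "udel.edu" is not enough and why the host name has to be compared from its end.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "udel.edu"  # domain the advisory names as legitimate


def naive_check(url):
    """Flawed check: accepts any URL that merely contains the trusted name."""
    return TRUSTED_DOMAIN in url


def check_login_url(url, trusted=TRUSTED_DOMAIN):
    """Return the reasons a URL fails the two checks; an empty list means it passes."""
    problems = []
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return ["unparseable"]
    if parts.scheme.lower() != "https":
        problems.append("not-https")
    if not host:
        problems.append("no-host")
    elif host != trusted and not host.endswith("." + trusted):
        # The host must BE udel.edu or end in ".udel.edu"; starting with it
        # or containing it is exactly what the fake site relies on.
        problems.append("lookalike-host" if trusted in host else "foreign-host")
    return problems


# Constructed sample URLs (only the "udel.edud.in" ending comes from the advisory).
SAMPLES = [
    "https://www.udel.edu/login",
    "http://www.udel.edud.in/login",
    "https://www.udel.edud.in/login",
    "http://www.udel.edu/login",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict = check_login_url(sample) or ["ok"]
        print(f"{sample:35} naive={naive_check(sample)!s:5} strict={','.join(verdict)}")
```

The naive check accepts all four samples, while the strict check passes only the first. Adding https to the look-alike address does not make it pass.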

If you clicked the link and provided your UD credentials, take the following steps immediately:

  1. Change your UDelNet password immediately.
  2. If your UD account is linked to file-sharing sites (Google, Box, Dropbox, etc.), change those accounts’ passwords as well.
  3. Notify your college or departmental IT staff for follow-up.
  4. You or your departmental IT staff can also contact the IT Support Center for more information.

The criminals are getting trickier. Please Think B4 U Click!