Skip to main content

Timely Warning Bulletin: Convincing Phishing Email

A convincing phishing email was sent to many email users at the Omaha, Kearney and Lincoln campuses.

image
University of Nebraska's Information Security Office determined circumstances exist that may pose a threat to UNO campus community. The Information Security Office and UNO Department of Public Safety wish to notify you of the incident. Please read this notification and take any necessary precautions to avoid being a potential victim.
Offense(s): Deception/Fraud- Phishing
Location(s): Campuswide
Date/Time of Occurrence(s): 12-12-17
Incident Summary:
A convincing phishing email was sent to many email users at the Omaha, Kearney and Lincoln campuses. The subject line title is “News Release."
The email message looked convincing as coming from each campus location, with each unique campus branding in the message, and the link goes to a malicious web site. You will notice that the links ended in .com – that is a clue that it is not a valid University of Nebraska or campus website. Users should never click on links in emails that they were not expecting.
If you click on a link from an email and the site wants the user to login, do not provide your credentials. Call your ITS support before clicking on the link to make sure it is a valid link.
If you have already clicked on the link and tried to login, change your password immediately and contact your local ITS support for further instructions.
For help, contact the ITS Help Desk at 402.554.4357.
Safety Tips Reminder:
  • If you receive emails of this nature, do not respond to them.
  • If you receive checks from an email like this, do not cash or deposit them.
  • Report any type of suspicious email to the UNO Information Security Office (security@unomaha.edu).
  • Report any suspected fraud to UNO Dept. of Public Safety.
  • Always log in from a trusted URL, rather than clicking a link in an email.
  • Do not access links from within an email that you may not trust or know.
  • Use different passwords at work than those you use for personal accounts.
  • Check links by “hovering” over them before clicking to see their true destination.
  • Verify the sender by hovering over the sender’s name to reveal the actual sender.
  • If you receive a phone call, ask them for a verification of the service or ask someone else if you feel it sounds too good to be true.
Warning issued by:
Information Security Office
Information Technology Services
UNO Department of Public Safety
6001 Dodge Street (EAB), Suite 100
402.554.2648