There is a new trend in COVID-19 related scams being reported as more people return to the work place. UTHSC has required training regarding COVID-19. This training, located in Blackboard, IS VALID. Other organizations using O365 have reported phishing scams touting required training that people should “click on a link and sign in” to receive training and resources, all to steal O365 credentials.
You all know what to look for in phishing emails. But as a reminder:
- Is the sender from a legitimate @uthsc.edu email address?
- Is there a sense of urgency to complete a task?
- If you hover over the link, is it sending you where you expect to go?
Other phishing scams reported to abuse@uthsc.edu this week:
- It was Dr. Michael Alston’s turn to get name spoofed (his name was used, but the email address was a gmail one) asking people if they were available for a “task” (gift card scam).
- Your Password Expiration Notice – telling users their Office 365 password was expiring. The email address was coming from Japan.
Report any suspicious UTHSC communication to abuse@uthsc.edu. We can investigate and let you know if it is a phish or a legitimate email.
Stay safe everyone!