With the huge usage spike in online audio and video tools such as Microsoft Teams and Zoom, there has also been an increase in phishing attempts to get these login credentials. Scammers are using images of real Teams or Zoom invites, making the email look legitimate. However, hovering over the invitation URL will show it going to a non-legitimate website.
We have all been inundated with requests for online meetings, whether they come from colleagues, friends or family members. The volume alone makes ignoring the warning signs you’ve been taught easy to do.
At UTHSC, we have our O365 information, as well as many other applications, behind DUO. However, if you fall for one of these phish, a bad guy can get your password in a credential harvesting scheme. They may not be able to get to your UTHSC information, but THEY STILL HAVE A VALID PASSWORD!
If you use the same password for multiple accounts, say your banking, social media and UTHSC, they would have access to those accounts. So, use unique passwords for all your accounts.
If you click on a link and “log in” but go no where after that, or you are directed to a site that is not legitimate, it is almost assuredly a scam to get your password. Change you password immediately and report the email to the Office of Cybersecurity by forwarding it to abuse@uthsc.edu. We will work on getting the bad email out of our network.
Stay safe everyone!