Phishing Alert: Credential Phishing Detected on Campus

The Office of Information Security received a reported phishing message claiming to be from Washington University and threatening to terminate user accounts. The malicious email asks the user to cut and paste a URL into their browser. The phishing website at that URL prompts for a WUSTLKey username, password, and phone number. Unsuspecting victims who type their credentials into these fields are unknowingly handing them over to the attackers. Once the attackers gather this information, they send a text asking the recipient if they want to terminate their account. If the user declines, the attacker says the user needs to approve an incoming DUO request. Finally, if the user approves the DUO request, the attacker can log into their account and wreak havoc.

Legitimate Washington University emails should contain the sender’s full name and contact information so users can verify the email’s legitimacy. Below is a sample of the phishing message.

Protect Your Account

If you received this message and visited the website or entered any information, you should change your WUSTLKey password immediately. If you are unsure whether you interacted with this message by visiting the link or entering any information, please change your WUSTLKey password now.

To change your password, follow the guide "How do I Change my WUSTL Key Password – Information Technology" or find the appropriate link in WUSTL ONE.

If you see a message like the one below, please do not interact with any links or follow any special instructions regarding authentication methods. Simply report it using the Phish Alert Button (PAB) in your Outlook interface.

It’s always best to err on the side of caution and report anything that seems remotely suspicious. Our team will analyze all submissions and return them to you if they’re determined to be safe.

We appreciate everything you do to help keep our institution secure.

Stay Informed

Be sure to read our newsletter, SECURED, when you see it in your inbox, or visit our blog. We cover the latest topics, resources, and best practices in information security. In our most recent edition, we announced our schedule for Cybersecurity Awareness Month, along with launching an opportunity to brush up on your InfoSec knowledge while being entered to win up to $1,000 in Bear Bucks.

Contact Our Office

If you have questions or concerns about this update, please contact the Office of Information Security by email. As always, we appreciate your vigilance as we work together to keep WashU secure.