Multiple phishing emails target UB faculty and staff

Smiling member of UB community.

Published October 23, 2017 This content is archived.

Four separate messages were sent targeting the UB community. Anyone who received these emails should delete them immediately—do not click any links or open any attachments.

Print

What were the messages?

The titles of the phishing emails are:

  • Job number 81576- ITS CLOSURE
  • New sign-in from iPhone
  • Information service
  • Email address changed successfully

One involved a supposed email change, one involved a "new" sign in from an iPhone, one involved supposed account termination, and one involved a mandatory change to two factor authentication.

These emails are now included, along with previous phishing attempts, on the list of IT Security Alerts on the UBIT website. The list also includes indicators that can be used to distinguish a phishing attempt from a genuine email.

How can I tell if an email is a phishing attempt?

These emails contained several common indicators of a phishing attempt, including:

  • coming from a sender not associated with an “@buffalo.edu” email address
  • linking to a non-buffalo.edu website
  • poor spelling and grammar

What if I already clicked the links?

If you entered your password, change it immediately - go to Changing Your Password.

If clicked on the link, but did not enter your password, please check that your computer security or anti virus program is on and up to date. You can download Symantec Endpoint Protection anti virus/firewall software for free from the UBIT website.