UMass Lowell Information Security is aware of the sudden increase of Phishing-type emails and scams from various sources that have been delivered to Student Inboxes. Although Microsoft O365 platform routinely block several thousand phishing attempts per day, there is a chance that slight variations of the same theme will be delivered until a reputation can be established. As of today, we have disabled over one-hundred student accounts, which have been sending thousands of spam messages to the internet. This essentially means these students have given up their UML email account credentials to the scammers.
As always, continue to be vigilant with scrutinizing emails you receive not only from financial institutions, but also from what appears to be reputable retailers, government organizations, UMass Lowell IT, and even people you may know. Email scammers are constantly changing their social engineering techniques to gain access to your personal information or to send spam from your account. The latest phishing attempt used a picture of Tsongas Arena in the background, and threatened to disable your email account at UML.
If you are ever in doubt about the authenticity of an email you receive, we strongly encourage you to not reveal your university email credentials, personal, financial, and/or account information. Resist the urge to click on any of the links or download attachments.
We anticipate a continued surge in targeted phishing attacks on our university. If you have any questions regarding suspicious emails you receive, please contact the IT Service Desk (firstname.lastname@example.org) or Information Security (email@example.com)