Who is affected?

there is a new phishing email that seems to hsve come out this morning. looks to be targeting IT folks

Problem:

New Phishing Email

Systems Involved:

Other

Details:

Department of Information Technology There has been a security breach on our servers recently, we strongly recommend that all employees undergo a compulsory security verification upgrade. This process is easy and takes no more than a minute to be complete. The upgrade process is necessary to ensure maximum security and prevent possible account compromise by Trojans/Malicious programs. Start Verification Now

Updates:

2/21/2016 5:15:12 PM:
There is another version of this same message coming from a different address.� It points to the same website, which has been blocked from on campus machines, but users reading the email off campus can still reach the site.� We're working on scripts to remove the new message.� Users who have 2 factor authentication enabled for their accounts will receive Duo requests that they have not requested and should deny those requests.� Users without two factor authentication who have filled out the form on the webpage will be disabled.

2/21/2016 11:22:36 AM:
2/21/2016 8:20:00AM Access to the website was blocked on the campus firewall.

2/21/2016 10:40:58 AM:
Updated 2/21/16 10:40AM�� Scripts are running to remove the message from user's mailboxes.

Problem Resolution: