URGENT WARNING from NU Information Technology Security: Phishing Email

Northeastern Faculty, Staff, and Students,

This morning, many members of the NU community have received an email with no subject line warning that their mailbox quota has exceeded the storage limit and asking them to click on an external link to validate their mailbox. Although this email looks official, this is an attempt to steal your account information including your password and must be deleted without opening the link. If you clicked on the link and completed the form, you must immediately change your password or contact the Help Desk for assistance.

The Northeastern University community has seen a large up-tick in what are commonly known as "Phishing" emails. These usually take the guise of an ‘official looking’ communication requesting your account name and password to avoid the cancellation of your neu.edu account. As many of you already know, Northeastern University will never request information of this type and any such communication is fraudulent.

Another type of "Phishing" is sending an email referencing communications and/or transactions you don’t remember and asking you to link to a web site where you don’t recognize the sender and/or the Web site address.

These social engineering methods play on your trust and attempt to circumvent your judgment by using familiar information and subtle threats. Many victims relate a "feeling that something wasn’t right", but respond despite their better judgment. If you receive any such email it is often best to delete it immediately, or contact the NU helpdesk at x4357 or help@neu.edu if you have any doubts.

Thank you for your assistance in countering this problematic activity and in protecting yourself and Northeastern.

Mark Nardone
Director, Information Technology Security
Northeastern University Information Technology Services

Posted in IS Announcements.