A Critical Reminder: Beware of Recent Phishing Attempts
The following message was sent to the campus community from Information Systems
Over the weekend, some WFU accounts were compromised as the result of a phishing campaign. The scam threatened recipients with account deletion and then directed them to urgent, fake “verification” instructions. Accounts were compromised when users provided both their passwords and the Google MFA (Multi-Factor Authentication) codes or prompts sent to their phones. Hacked accounts were then used to perpetuate the scam.
This phishing attempt serves as a reminder of how important it is to be cybersecurity-aware. Below are some quick ways to spot a phishing scam.
-
Urgent or Threatening Messages: Scammers often create a sense of urgency, claiming that your account is at risk or that you need to act immediately. Pause and use caution when reviewing messages.
-
Suspicious Links or Attachments: Always hover over links to see the actual URL before clicking. If it looks unfamiliar or strange, don’t click.
-
Requests for Personal Information: Wake Forest University will never ask for passwords or MFA codes via email or text. Be cautious if you receive such requests.
-
Never accept MFA or 2-step verification that is unexpected and/or from an unfamiliar location. 2-step is used as a way to verify that the person who is trying to log in is actually you, and is in possession of your device.
-
Unknown, external or unexpected senders: Be wary of messages from unknown sources or unexpected emails, even if they look official.
If you receive a suspicious email, please report it by emailing infosec@wfu.edu.
Want to learn more about phishing emails and how to protect yourself?
-
Visit the Information Security webpage and brush up on cybersecurity best practices, tips, and tools.
-
Explore helpful training by visiting https://www.knowbe4.com/homecourse and use password, homecourse
For questions concerning phishing attempts, campus should contact the Information Security team at infosec@wfu.edu.
Your diligence is appreciated,
Wake Forest University
Information Security