A quick heads up about a new phishing (www.shef.ac.uk/cics/phishing) variant we saw this morning. Being careful where you put your username and password should protect most people but we expect to see a few caught out.
What's different is the enticement of getting access to a Google Doc rather than trying to scare people into giving away their details. We suspect this scam is most likely to catch those with their heads down, trying to get their work done, churning through their inbox.
Remember: If you're asked to sign into anything other than the University portal (https://portal.shef.ac.uk) when trying to access a Google Doc then please report it the Helpdesk's dedicated phishing address - firstname.lastname@example.org
So, how does it work?
Step 1 - Someone gets an email asking them to sign in to see a Google Doc
Step 2 - After clicking on a link they're taken to a phishing page, clicking on any of the logos in the bottom right gives a branded log in box.
Step 3 - The username and password are sent to the criminals running the scam. The victim then finds that their account is misused to carry out further criminal activity and we've even had cases of stolen identities and emptied bank accounts.
We block the vast majority of scam emails targeted at the University but when that email comes from a trusted source (for example a compromised account at a university!) then it is likely to get through. Your help in promptly reporting these scams allows us to block the websites and email accounts used and report the scam to the appropriate authorities for further investigation.