Phishing attacks becoming more Pitt-specific

By MARTY LEVINE

You’re not imagining things — phishing emails to University employees have become very Pitt-specific.

The last two phishing emails that prompted alerts from Pitt IT came in mid-July: one pretending to need your sign-in information from Pitt Passport, and another faking a link to Pitt OneDrive documents.

“What we're starting to see is an uptick or trend in more Pitt-centric events going on,” said Ollie Green, chief information security officer in Pitt IT.

Green said that security training and awareness across the Pitt community has been causing fewer employees to open or click the malicious links inside false job offers, unreal bargains and phony prizes — the come-ons of typical phishing emails. This has forced phishers to get more sophisticated in their temptations — and more specific to Pitt.

“The attackers are getting a little smarter,” Green said, making their attack emails seem “as if they could come from a Pitt colleague.”

He said his department is “highly aware” of these attempts, and that the phishing frenzy has only increased over the last year, prompting 11 alerts from Pitt IT.

Mobile email users are especially susceptible to phishing emails, Green said, since they can’t hover a mouse cursor over the sender’s address and see that, although it presents a Pitt email address on its face, beneath that is the real address — either an unknown person or a string of gibberish.

“Be very cautious with all of your email,” he recommended. Go a step further by verifying with the sender that a suspect email is real or fake — “give her a call, send him an email.” Just make sure you’re using the real address.

In Outlook, every message has a menu on the right side (under the ellipsis mark — three dots in a row), with a “Report Message” choice near the bottom. Although those reports go directly to Microsoft, Pitt also is able to retrieve them. Suspected phishing emails also can be forwarded directly to Pitt IT at phish@pitt.edu.

This allows Pitt IT to warn those who may have responded to the phishing email earlier, disable compromised accounts until the threat can be fixed, block other messages to and from the sender, and send out alerts to those who may not have received or seen the malicious email yet.

More than 70,000 phishing emails were sent to Pitt accounts from mid-June to early July, Pitt IT reported. 

For more about phishing, visit the Pitt IT website.

Marty Levine is a staff writer for the University Times. Reach him at martyl@pitt.edu or 412-758-4859.

 

Have a story idea or news to share? Share it with the University Times.

Follow the University Times on Twitter and Facebook.