Credential Theft Explained
This is a common tacticÌýused to steal your password.Ìý Attackers will lure you into logging into a malicious website in an attempt to retrieve your user ID and password.Ìý Often attackers will use invoices, document retrieval or phony IT notifications to coax users into logging into fake landing pages.Ìý Falsified Office365Ìýlogin pages are just one example.
How to identify account compromise
The following may indicate that your account has been compromised.Ìý Notify your local helpdesk if:
- You receive email "bouncebacks" or "undeliverable" messages from mail you don't rememberÌýsending
- You can't send e-mail
- You've stopped receiving e-mail
- You have inbox rules for forwarding or redirecting mail that you don't recognize
How to avoid becomingÌýa victim
- BecomeÌýfamiliar withÌý°ÄÃÅÁùºÏ²Ê login URLs, and verify the link matches.
- Hover a link before you click it.Ìý Don't recognize it?Ìý Don't click it.
- °ÄÃÅÁùºÏ²Ê IT will never ask you for your password
- If your account is compromised, we mayÌýchange your password for you.Ìý You can then use the portal's "forgot password" link
°ÄÃÅÁùºÏ²Ê Login Examples
Outlook Web Access (OWA)
Ìý
Microsoft Office365
Ìý
°ÄÃÅÁùºÏ²Ê Portal
Ìý