Phishing Alert: COVID-19 Vaccination Portal Linked With CoVerified App

Some U-M community members reported receiving this email. It is fraudulent or malicious. Do not respond, click any link in it, or provide personal information or money. See Phishing & Scams for more tips. If you need help, contact the ITS Service Center.

Date Sent: 
Friday, September 17, 2021

Phishing Email Summary

This phishing email seeks to trick people into following a link to a fake U-M Office 365 page. The email and the page have fake or stolen U-M branding on them to try to look more convincing. The email tries to further convince people to follow the links by claiming to have information about changes in operations due to COVID-19.

Always check the URL before logging in. While images and branding can be faked or stolen, a check of the sites URL will tell you quickly that the site is a fake. The real U-M weblogin site is https://weblogin.umich.edu . If you have already authenticated, going to weblogin should redirect you to Wolverine Access.

For more information on protecting yourself from similar scams and phishing, see: Coronavirus / COVID-19 Scams.

Phishing Email Text

All Staff/Employee,

   As COVID-19 vaccine testing and deployment accelerates, Health Department and ICT is developing a protocol to administer inoculation across our Institution. The team is currently working on advance Staff portal which will be link to the CoVerified App in order to keep our staff/employee on task & organized work schedules during 2021 fall semester.

Kindly click COVID-19 to synchronize  CoVeried App with Merrimack Portal .

Phishing Email or Site Screenshot: 
Image of the fake login site linked in the phishing email. Always check the URL of a site before logging with your U-M credentials.