Scam Summary: A fake file sharing scam using different "From" names and compromised accounts sends a link that leads recipients to a fake MS365 site. After entering their password the victim may be induced to approve a DUO mfa phone call challenge.
If a recipient responds by entering their credentials, this will result in theft of their credentials and the compromise of their account. Newly compromised accounts are then used to message new recipients and disseminate more scam document shares both at Michigan and sometimes other institutions.
How to Protect Yourself
Be suspicious of any unexpected document share. If you receive a shared document email you are not expecting, check with the sender by another means, do not reply to the email. Never open an unexpected shared document.
See Shared Document Emails Can Be Traps for more information of this and similar types of scams.
If You Responded to This or Similar Scams
If you responded to this or similar scams using your U-M credentials, change your U-M password immediately and contact the ITS Service Center for assistance.
